(Thanks to Larry Seltzer for this one)
What a wonderful list. It starts with this wonderful gem of truth and goes on down from there:
11. Security Industry and Market Analysts (I am become analyst, the destroyer of markets)
Those bastions of knowledge, defenders of the objective faith, and creators of 2-page, in depth, market analysis reports. They don’t actually analyze security they analyze the security market, they say cool things like “By the end of 2007, 75% of enterprises will be infected with undetected, financially motivated, targeted malware that evaded their traditional perimeter and host defenses.” and come up with amusing names and acronyms, (did you know that NBA – Network Behavior Analysis – was at one time called NADS – Network Anomaly Detection System – you can imagine the fun Gartner could of had with an overview of the NADS market). I spent years as an analyst myself and I loved my time, but I will always regret that analysts never actually test, demo, or even interact with the technology they so confidently and assertively write about.
That last sentence: “I will always regret that analysts never actually test, demo, or even interact with the technology they so confidently and assertively write about.”
I suspect there are a lot of enterprise customers out there who don’t know that analysts, for the most part, never play with the products they recommend. They view vendor Powerpoints and talk to customers, vendors, and the like. Who wins? Probably the vendor with the best Powerpoint, the best relationship with the analyst, and the most willingness to pay for analyst research.
Whatever. More here.