Cigital news (European market)

[connectjunkie at gmail.com (Justin Clarke)]

On 20/05/2009 02:21, "Kenneth Van Wyk" <ken at krvw.com> wrote:

> On May 20, 2009, at 12:34 AM, Gary McGraw wrote:
> > We believe that the European software security market is 2-3 years
> > behind the US market, but poised for rapid growth that will align it
> > with the US market in a much shorter period.  From what I can tell,
> > the European market is 14-20% the size of the US market.
>
>
> My experience there tells me that's an over-simplification of the
> situation.

It may be a simplification, but in my experience since moving from the US
market to the UK market several years ago, its true enough for the UK market
at least.

> European enterprises, on the other hand, tend to be quite conservative
> in taking to new practices.  They want to see clear justifications
> before diving in.
>
> But I just don't get the feeling that they're trying in any way to
> "align themselves with the US market".  They'll do their own thing in
> their own time, which is as it should be.

European enterprises also have different regulatory drivers. A large amount
of the commonality in approaches in financial services can be tied back to
the various regulatory regimes becoming somewhat closer - in that context
its probably more with knowing what has worked in the US context and trying
something similar in Europe than "following"... Remembering many of the
larger European organisations have operations in the US.
 
>  From my own little "nanocosm" perspective, I continue to see the bulk
> of my consulting engagements coming out of Europe and Southeast Asia.
> I've found both markets to be quite receptive to software security
> efforts for the past several years.

Very true - In my case it was just that some of the approaches were very
different to what I was used to having just come from the New York market to
the London market :-)

Justin