To read this content please select one of the options below:

Information security technologies as a commodity input

Andrew Stewart (Consultant, Atlanta, Georgia, USA)

Information Management & Computer Security

ISSN: 0968-5227

Article publication date: 1 February 2005




The paper provides a pragmatic evaluation of the value that security technologies deliver to businesses. It contains recommendations for how businesses can best view the role of security technologies within an information security program.


The findings in the paper are derived from the observations of the author in his role as an information security consultant working for businesses in numerous vertical markets over the period of the last several years.


The principle finding in the paper is that the market for information security technologies is becoming a commodity market. This change will create a shift in how businesses view security technologies, as they will begin to focus on achieving security capabilities at the lowest possible cost. The processes of commoditization will also force security vendors to find new ways of doing business.

Practical implications

The paper makes several recommendations for how businesses should evaluate, acquire, and use security technologies within their information security program. It also highlights business needs that the security industry is currently not fulfilling.


The ideas in this paper are entirely original. As far as the author is aware, there are no existing papers with similar ideas.



Stewart, A. (2005), "Information security technologies as a commodity input", Information Management & Computer Security, Vol. 13 No. 1, pp. 5-15.



Emerald Group Publishing Limited

Copyright © 2005, Emerald Group Publishing Limited

Related articles