Fresh Thoughts #91: Buying IT

Last week, a customer asked me for some advice...
"Should we renew our EDR contract or use Microsoft Defender?"

If you read Market Dynamics and Malware Detection, you will already know my answer.
But this made me think about how we buy IT products and services.

IT & Cybersecurity: A Cost of Doing Business

To recap.

As activities - like detecting malware - become more certain and more common, they go through four evolutionary phases.

  1. Genesis: When nothing is certain, and the opportunities appear wondrous... if only you can do it.
  2. Custom built: When questions become "How do we...?" and the focus is on building.
  3. Product (+rental): When the market demand rapidly increases, and the focus is on operations and maintenance at scale.
  4. Commodity (+utility): When the activity is well understood, everyone who wants one has one, and conversations are about how to use the thing efficiently and effectively.

If you buy or authorise technology spending, you will spot where the latest sales pitch fits.

Virtual Reality headsets in the classroom or eSports instead of outdoor sports... Genesis.
AI-based marketing... Custom Built.
Phones and Laptops for staff... Commodity (+utility).

This is a model I've worked with for over a decade, and in that time, I've noticed patterns in how I make buying decisions.

  1. Buying Genesis: This is like buying art. Buy it because you love the idea - regardless of the quality of implementation. (Crypto-currency, anyone?)
  2. Buying Custom Built: This is like buying at a farmers' market or craft fair. Buy it for the quality, the craft of delivery. It won't scale or survive for the long term, but hey... it looks good now.
  3. Buying Product (+Rental): What features matter to you? Products are differentiated based on what they do - which inevitably leads to product-product substitution. Get advice. What's hot this year?
  4. Buying Commodity (+Utility): Buy what's good enough - at the lowest total cost.

Buying What's Good Enough

Oddly - people become incredibly passionate about their choice of commodity and utility tech.

Take laptops and phones, for example.
From a business viewpoint, it makes no difference whether you choose an iPhone or an Android...
A Windows, Mac or Chromebook...
They are just tools.

But there are, without doubt, tribes around each.
And those tribes can hold different understandings of - What's good enough.

Take the most commoditised thing you use each day - electricity.

Few people consider the quality of the electricity coming from the socket.
But hospitals spend hundreds of thousands to ensure noise-free electricity is in their CAT and MRI scanners.
And audiophiles may choose to spend $27,995 on a power conditioner to make the sound perfect.

So, what's good enough for the majority isn't always sufficient in specialist tribes.

Data-Driven Decisions

And so - what of our customer's question - "Should we renew our EDR contract or use Microsoft Defender?"

To avoid tribal and opinionated decision-making, our customer has adopted a data-driven process.
Before a significant change, evidence must be provided.
And so - I gathered data from various review sites.

When it came to detection rates - one scored 5.9, the other 6.0.
And the performance impact of the software - one was 17% slower, the other 19% slower.
The products were effectively the same.
Both were good enough.

The difference, however...
One was a significant cost - and a 3-year tie-in.
The other was included as an add-on to a license they were already paying for...

What could have been a tense and opinionated discussion became a simple economic choice.

November 7, 2023

Fresh Sec Limited