Niall O'Malley

London was again the venue for the 18th Infosecurity Europe conference last week. Along with over 100 other exhibitors, it was a busy three days for Mimecast - security workshops (summarized in our blog post last week), talking to crowds attracted to our eye-catching stand and some great conversations with media, customers and prospects.

As expected at the premier security event, security was hotly discussed with topics such as mobile security, cyber warfare, threat detection and prevention reoccurring themes.

Given security is a vital part of our offering, we’re most interested in the evolution of the security landscape and how it impacts communication technology in business. From this viewpoint, we noticed a clear point emerging from the conversations this year – we’re entering a new chapter in the maturation of how businesses consider cloud services.

Gone are the days of businesses questioning whether its data is safer in the cloud, now the focus is on issues such as whether a vendor truly believes in industry standards – for instance, there is an increasing expectation of vendors to be accredited against third party standards e.g. ISO 27001 and participate in transparency initiatives such as the CSA STAR registry.

In addition, IT teams are becoming increasingly sophisticated in testing whether vendors can stand by their SLAs. On this subject, one of our customers Paul Dryden invoked a vivid example in one of our workshops about how he evaluates cloud vendors – during a tour of the data centre he spontaneously asks the vendor to cut the power to see how the system reacts. Apparently, only one vendor has managed to perform the immediate simulated power cut for Paul and while this is one of the most extreme examples, we’ve encountered other customers and prospects that have indicated that they’re testing the SLAs of cloud vendors more rigorously.

With increasing pressure to comply with industry standards and more demanding tests around the strength and depth of their service, cloud vendors seem to be at a cross-road. Those services which have the scale and rigour to meet these growing expectations can look forward to growing recurring revenue, while the others will find themselves outside of the commercial conversation.

It’s possible that we’ll look back at 2013 as the year that there was a shake-out of the cloud service vendors, with security one of the key drivers for this change.