On May 20, 2009, at 12:34 AM, Gary McGraw wrote:
We believe that the European software security market is 2-3 years behind the US market, but poised for rapid growth that will align it with the US market in a much shorter period. From what I can tell, the European market is 14-20% the size of the US market.
My experience there tells me that's an over-simplification of the situation.
On one hand, some of the OWASP chapter meetings I've gone to in Europe have been as well or even better attended than their counterparts I've gone to in the US -- primarily in the DC metro area. And not just in terms of quantity. Many of the folks I've spoken with and worked with have been in many cases as well or even better clued than their US counterparts. So there's clearly an eagerness and awareness among the practitioners and academics, which is good.
European enterprises, on the other hand, tend to be quite conservative in taking to new practices. They want to see clear justifications before diving in.
But I just don't get the feeling that they're trying in any way to "align themselves with the US market". They'll do their own thing in their own time, which is as it should be.
From my own little "nanocosm" perspective, I continue to see the bulk of my consulting engagements coming out of Europe and Southeast Asia. I've found both markets to be quite receptive to software security efforts for the past several years.
Cheers, Ken ----- Kenneth R. van Wyk KRvW Associates, LLC http://www.KRvW.com(This email is digitally signed with a free x.509 certificate from CAcert. If you're unable to verify the signature, try getting their root CA certificate at http://www.cacert.org -- for free.)
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________
