In prior technical lives, I operated in a world of LU’s and PU’s (IBM SNA Network “logical units ” and “physical units “) and SVC’s and PVC’s (X.25 network “switched virtual circuits ” and “permanent virtual circuits “). Technologists of the day would argue which of these was the better architecture (yawn!), but what they had in common was that they were equivalent to the old telephone patch-bay; when you wanted one side of a connection to talk to another side of a connection, you attached the two ends together. Simple.

But then IP ( “internet protocol “) became viable for business networks, and shortly thereafter as a worldwide network for people everywhere to use, and the rest is history. And that was a big change, because now we all communicate via a connectionless network – the Internet. For the geek in you, here’s what Wikipedia says about “connectionless ” networks: “Connectionless communication is a data transmission method used in packet switching networks by which each data unit is individually addressed and routed based on information carried in each unit, rather than in the setup information of a prearranged, fixed data channel as in connection-oriented communication. “

Whew! That’s all the “geek ” you’re getting in this column.

The connectionless communication networks that we all use are truly a utility in our minds – we give the question “how does this work? ” about as much thought as we do the question of how electricity is reliably delivered to the receptacle that our TV’s are plugged into (I’m reminded of this every time I CAN’T get a good WiFi connection). That brings to mind one of my favorite branding campaigns in recent years, Cisco’s “Welcome To The Human Network “. I’ve had the pleasure of talking to Cisco’s CEO John Chambers on several occasions over the past 15+ years, and one thing that I can tell you about him is that he is absolutely focused on a vision of everyone being connected, everywhere, and all the time. Mr. Chambers is clearly a believer in 16^th Century philosopher Francis Bacon’s statement that “knowledge is power “. So am I, and that is the notion underlying just about every computer information system that has ever been installed. Information begets knowledge, and knowledge is power. It’s a good thing.

The ubiquity of a connectionless “human network ” is so taken for granted that even when we jump onto a connection-oriented network like our mobile phone service, we want to jump over to that connectionless environment to google around the world. The benefits are taken for granted too. I don’t think I’ve ever seen a serious challenge to the inherent goodness of all this connected-ness, and I can’t imagine what that would look like. We at RSR assume that consumer enablement in a mobile omni-channel world is a great thing. We all routinely say in our public utterances that the consumer now has more power on his or her smart mobile device than (probably) anyone working in the store has via the corporate information systems.

The Cost Side of the Story

For all its apparent benefits, our connectionless world unleashed a Pandora’s Box of evil demons out into a naïve world. We call those demons hackers, spammers, ID thieves, etc., and the world just wasn’t ready for them. For example, back in 2005, my partner Steve Rowan and I were running mini-conferences about looming PCI compliance mandates, but we abandoned the campaign after a four or five events because, frankly, we couldn’t get enough people interested. They’re interested now. A recent reported estimated that the average cost of a PCI compliance audit is $225,000.

I did some internet searching to find the total cost of malware, identity theft, PCI compliance and breaches, etc., and it turns out that the aggregate cost of such things is as hard to get your arms around as the benefits of ubiquitous connectivity. But here are a few indicators that I did find:

• ID Theft in the U.S. in the year 2011 cost consumers about $1.5B and businesses about $47B, according to the U.S. Federal Trade Commission;
• The cost of “malware ” to businesses worldwide in 2013 will be about $114B, according to a study by Microsoft and IDC;
• The average time a consumer spends straightening out the mess that results from ID Theft is about 30 hours per occurrence, according to whitecanyon.com;
• The need for malware/spyware protection spawned a whole new industry. The three biggest companies that sell virus protection software to consumers – Bitdefender, Symantec, and Kaspersky, have an aggregate revenue of somewhere near $15-20B.

Netting it out, the opportunity cost of having to deal with all of Pandora’s digital demons is huge – think what positive things we as a society could be doing with all that money and time!

The truth is that the IT’ers behind all that bad behavior are faster than the IT’ers in many corporations – they can move at lightning speed, they don’t have to wait around for a user to sponsor an idea, and they don’t have to worry too much about quality (but they DO have to worry about getting caught). What that means to business leaders is that technology partners are needed that obsess about such things and are as smart and dynamic as the threat.

Cisco’s News

This week, Cisco Systems, arguably the biggest commercial proponent of an Internet-connected world, announced its intention to acquire Sourcefire (reportedly a deal worth $2.7B). Here’s what the press release said:

“On July 23, 2013 Cisco and Sourcefire announced a definitive agreement for Cisco to acquire Sourcefire, a leader in intelligent cybersecurity solutions.

Mobility, cloud and the evolution of the ‘Internet of Everything’ are drastically changing today’s IT security landscape, making traditional disparate products insufficient to protect organizations from dynamic threats.

“Sourcefire delivers effective, highly automated security through continuous awareness, detection and protection across its industry-leading portfolio, including next-generation intrusion prevention systems, next-generation firewall, and advanced malware protection.

“The acquisition of Sourcefire will accelerate delivery of Cisco’s security strategy of defending, discovering, and remediating the most critical threats. Cisco and Sourcefire will combine their world-class products and technologies to provide continuous and pervasive advanced security threat protection across the entire attack continuum and from any device to any cloud. “

This sounds like a good move for the many commercial networks that run on Cisco technology. Every company needs to be one step ahead of all the threats “out there ” that can plague us all, and no retailer should go it alone.

And that brings to mind one of my earliest conversations with the aforementioned Mr. Chambers, when I was a retail CIO and had convinced my company to adopt then-fairly new “internet ” technologies powered by Cisco. There was some question at the time about the relatively high cost of Cisco’s solutions, but I persisted and the Santa Clara company got the deal (credit where credit is due: CIO of Home Depot Ron Griffin – now at Autozone – had made the recommendation to me, and his staff shared a great many details with mine to demonstrate the rationale for that recommendation). Subsequent to the implementation, Chambers asked me, “why did you choose Cisco? ” Maybe he was just being nice, but I replied, “because I don’t have the expertise in-house to stay on top of the complexities of all this connectivity and I don’t want it- we want Cisco to do that. “

Whether a retailer chooses Cisco or some other provider, I think that the logic should be the same that I used. Find a technology partner that you can trust to stay on top of the threats that can compromise your ability to deliver brand-building information to the connected world.