I'm not sure it's right, though. Giants are hugely concentrated targets. I'd presume that AWS/MS/Goog are as thoroughly inflitrated as Twitter, which keeps leaking private data to low-rent state actor Saudi Arabia. I think the trade-offs are a bit complicated and uncertain.
I think your analysis overlooks that small players are entirely reliant on the tooling made by the big ones. And when you get to medium scale the situation is worst—you grow large enough to be a target of interest just as you start replacing safer services your own bad software.
-
-
Hmm, but *software* (which is a *part* of security, but not all of it) scales way sublinearly. In principle, software security innovations can be written once (e.g. by a consortium) and applied everywhere.
-
Definitely not true for e.g. sec ops, which probably scales sublinearly (I hope?), which I think is a better argument for centralization. But still...
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.