Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Mid-Market CIO Panel: Tips and Techniques for Improving Vendor Relationships
July 15, 4:00 PM - 5:00 PM U.S./Eastern (GMT-4)
We'll highlight relationship priorities and best practices identified in a Council study, and we'll interact with a CIO panel on the approaches they've used to improve strategic vendor partnerships.
Secrets of Successful Vendor Contract Negotiations for the Mid-Market
Sept. 10, 2009, 11:00 AM - 12:00 PM U.S./Eastern (GMT-4)
On this free public Council teleconference, Matthew A. Karlyn, attorney at Foley & Lardner in Boston, will share tips on negotiating tactics and new, creative contract terms to help mid-market CIOs make better deals.
Executive Competencies Assessment Tool
Assess Your Business Leadership Skills with the Council's new benchmarking tool. Rate yourself in change leadership, strategy, customer focus and more.
Learn more about the CIO Executive Council »Apply today for a FREE subscription to CIO Magazine!
March 15, 2003 — CIO —
At I.T. conferences, Marty Roesch gets a lot of attention?and offers for drinks at the hotel bar?once attendees find out who he is.
A typical reaction: "Hey, it’s the Snort guy! You know, Snort! The pig with the big sniffing nose on the website? It’s a riot! We use it everywhere. Hey man, have a drink on me!"
As the Snort guy, Roesch is the creator of an open-source network intrusion detection system and associated website, Snort.org. He spent years developing the program and enjoys the recognition. Through the Internet and word of mouth, thousands of IT administrators have downloaded his software to use at their companies. "You’d think it’d get old," he says. "But it takes us back to the heroic age of computing when individuals were recognized for doing great things."
There’s just one problem: The recognition and free drinks don’t pay Roesch’s hotel bills at the conferences. Acceptance is one thing; making a living is another.
Open-source developers like Roesch have a couple of choices. One is to be a consultant for the software they create, in which case they devote their lives to running a consulting business when they’d rather be writing code. The other is to build proprietary extensions to their open-source applications to create a more well-rounded package and sell that for real money (a move frowned upon in open-source circles, of course). That’s what Roesch did with his company, Sourcefire. The Columbia, Md.-based company layers some management tools and a friendly GUI on top of Snort (which is still available for free) on a preconfigured server for sale to CIOs who don’t want to manage the stuff themselves.
Roesch says he had no choice. Venture capitalists wouldn’t touch his company when he tried to sell it in 2001. "They wouldn’t go near it unless we had some [proprietary] intellectual content wrapped around it," Roesch says.
Once he put a proprietary wrapper around Snort, Roesch got his money, and his business is growing nicely, he says. (Sourcefire is privately held.) Other nascent open-source software developers are doing the same thing. Sweden’s MySQL, for example, offers separate proprietary versions of its open-source database with service contracts that pump up revenue.
But even the companies that have managed to successfully sell themselves as service and support providers for open source have struggled to find a winning business model.
Take Red Hat, the GNU/Linux operating system distributor based in Raleigh, N.C. Though $79 million Red Hat is now profitable, it was a long time coming. The company incorporated in 1998, went public in 1999 and posted its first profitable quarter in November 2002.