Introduction
As with the case of every other entity, the suite of applications, platforms, and software procured over a period by an organization, can become disorganized, unmanageable, and even inoperable and redundant to an extent. The same can be said of the numerous vendors who provide/service them. Once ‘best-in-breed’ solution/s, they were most probably procured by the enterprise from a number of leading suppliers, as the organization focused on obtaining solutions to specific problems. With the passage of time, however, this collection of heterogenous, multiple-point products would have grown unwieldy, with the numerous solutions now presenting multiple attack surfaces for bad actors, making life for the SOC and the CISO a literal nightmare. A study (2) undertaken in the context of consolidation shows that on average, an enterprise runs as many as 76 different tools.
In the cyber world, more solutions invariably make for more complexities that are often characterized by outdated technologies, low-cost effectiveness, and the tendency for human error – all of which are symptomatic of a poor security posture.
The roadblocks
The Road to Vendor Consolidation and Product Convergence was always going to be fraught with several roadblocks. Chief amongst these would obviously be a radical shift in the mindset and comfort zone of CISOs and cybersecurity staff who would have become accustomed to working with their all-too-familiar suite of cybersecurity products. Championing the cause for convergence and a shift to a ‘minimum effective toolset’, Gartner (1) calls out the myth of ‘more technology equals better protection’ in the erstwhile mindset of CISOs looking to invest in multiple point products for their various needs. Inherent in the ‘minimum effective’ mindset is an ROI-driven approach aligned to the future of cybersecurity, as Gartner sees it – an approach that will transport the organization from just ‘defending the fort’ to ‘unlocking the toolset’s true potential to create tangible value.’
Security Boulevard (2) lists two other roadblocks while explaining why consolidation and convergence are the future of cybersecurity.
- Breaking down data security silos which are generally associated with heterogenous systems and a variety of vendors, with a view to providing more control over enterprise data and clear visibility as to the users
- Readiness to discard long-outdated systems in favor of cybersecurity mesh architectures and data ecosystems in a ‘one-platform-to-rule-all’ scenario that focuses on modular elements which can be easily integrated and work hand-in-hand with each other to still deliver the ‘best-of-breed’ solutions associated with erstwhile products
Solutions Review (3) says human resource issues too are involved – job security fears, territorial feelings amongst SOC personnel, inertia to move to new systems and budgetary issues connected with change.
The case for consolidation
It is worthwhile remembering that consolidation is not the prerogative of organizations only. Managed Security Service Providers (MSSPs) (4) are in the game as well, being fully seized of the benefits they stand to reap. These include:
- Increased savings and higher margins on products by consolidating cybersecurity, backup, and disaster recovery services
- Single interfaces that save time and money for the MSSP where the training of customer staff is concerned
- More trust because of better user experience
- Increased profitability as a consequence of fewer human errors occurring from centralized services covering their own and their customer’s applications
- Improved services thanks to a one-time investment in AI-driven solutions
The growing desire for consolidation and convergence, however, is most amplified in the context of organizations. We look at some of the reasons consolidation is considered a must-do in cybersecurity circles today.
- Long-run reduction in costs due to the convergence of products, as redundant software licenses and outdated systems are done away with. Smart boardrooms (2) are investing in cybersecurity consolidation, despite the recessionary trends the world is witnessing presently, and despite the additional costs consolidation may result in, in the short term. Security Boulevard estimated that cybersecurity spending has risen by almost 60% over the past year
- Reduced burden on already overstretched cybersecurity teams with the phasing out of unnecessary software licenses, something that seems logical in these times of specialist shortages the industry is facing. Logic tells us that fewer systems are arguably easier to manage, and consequently result in higher staff productivity
- Converging security products enhances protection and slashes operational risks by reducing the information silos which otherwise can lead to a greater number of attack surfaces. Managing fewer systems and unified platforms provides greater visibility.
Well on the way
The benefits of the single dashboard showing patch status, updates, attacks, recoveries, and data health status cannot be overstated, feels Acronis(4), a software solutions leader. A look at the trends indicates that the ‘minimum effective mindset’ is becoming a reality.
On the MSSP front, Forbes finds that 92% of service providers have already begun consolidating, and 70% plan to consolidate further. And a 2022 survey by Gartner (5) shows that 57% of organizations are working with fewer than 10 vendors for their security needs while looking further to optimize to even fewer vendors.
The survey notes that in 2022, 75% of organizations pursued security Vendor consolidation, up from 29% in 2020. Clearly cognizant of the benefits inherent in consolidation, and the rationale, as much as 65% of respondents consolidated to improve their risk posture, while only 29% did so to reduce the spend on licensing.
SASE (6) – a potent combination of cybersecurity network functions, and XDR (7) – a unified platform for managing and maintaining cyber responses – are being touted by Gartner as the foundation blocks for organizations looking to kickstart their consolidation journey. The survey shows that 46% of surveyed companies are committed to this route. Organizations are already reporting the gains – 57% of organizations resolved security threats faster after implementing an XDR strategy, while more than half of surveyed organizations were found to be using SASE projects to simplify network and security policy management and consequently improve their security posture.
What more needs to be done
Consolidation figures from several surveys more than establish that consolidation is the chosen path. Still, for organizations looking to take the first steps in the journey, Gartner suggests they plan for consolidation at least two years in advance for enterprise-class vendors, and factor in the efforts required, costs involved, and vendor disruption that may occur during the planning phases. It’s worth noting the significant time investment required to tackle the inherent challenges of shifting an organizational culture towards a ‘minimum effective mindset’.
Two points bear examination (8). Many industry experts feel that more industry cooperation will be needed going forward, as vendors compete across numerous product categories. It’s also crucial to address the perception shared by almost 73% of cybersecurity professionals, who feel that many vendors prioritize hype over substance. Rather, as Environment, Social and Governance Association (ESG) and the International Social Security Association (ISSA) recommend (5), organizations must push their vendors to adopt open industry standards, in cooperation with the industry.
Conclusion
Given the prevailing tendency towards consolidation and readiness for such shifts, coupled with the undeniable benefits like operational efficiencies, tighter integration, and improved threat detection efficiency, the consolidation and convergence argument grows stronger. An intriguing forecast suggests that organizations will soon establish a new role for a Chief Product Security Officer (CPSO). This individual will work in tandem with the CISO to supervise convergence and guarantee the reliability, effectiveness, and cost-efficiency of the products in the cybersecurity technology stack.
It would be the icing on the cake for both players in the consolidation mix – Managed Security Service Providers and Organizations.
Contact us: sales@aurorait.com | +1 888 282 0696
References:
- Gartner Identifies Four Myths Obscuring Cybersecurity’s Full Value
- Why Technology Convergence is the Future of Cybersecurity – Security Boulevard
- Security and Networking: Steps Toward Convergence (solutionsreview.com)
- Acronis BrandVoice: 4 Ways That IT Automation Can Help Reduce Human Error (forbes.com)
- Gartner Survey Shows 75% of Organizations Are Pursuing Security Vendor Consolidation in 2022
- What is SASE? And What Are its Benefits? | Aurora (aurorait.com)
- WHAT IS XDR – WHY IS IT IMPORTANT? | Aurora (aurorait.com)
- Cybersecurity Professionals Push Their Organizations Toward Vendor Consolidation and Product Integration | Business Wire
- When product security and cybersecurity converge: A CSO’s perspective on how security organizations can thrive | 2021-06-03 | Security Magazine
- When product security and cybersecurity converge: A CSO’s perspective on how security organizations can thrive | 2021-06-03 | Security Magazine