Enterprise security technology consolidation

Large organizations are consolidating the number of security vendors they do business with and buying products built for integration

Look around the cybersecurity infrastructure at any enterprise organization, and here’s what you’ll see—dozens and dozens of cybersecurity tools from just as many vendors. 

Now this situation wasn’t planned; it just happened. Over the past 15 years, bad guys developed new cyber weapons to exploit IT vulnerabilities. And large organizations reacted to these new threats by purchasing and deploying new security controls and monitoring systems. This pattern continued over time, leading to today’s patchwork of security point tools. 


So, what’s the problem? Point tools aren’t really designed to talk with one another, leaving human beings to bridge the communications, intelligence and technology gaps between them. Furthermore, each individual tool requires training, deployment, configuration and ongoing operational support. More tools, more needs.

Fast forward to 2017, and there simply aren’t enough eyeballs, hands or hours in the day to make this jerry-rigged security model work. Want proof? In a 2016 research project conducted by ESG and the Information Systems Security Association (ISSA), survey respondents were asked about the ramifications of the global cybersecurity skills shortage on their organizations. Alarmingly, 35 percent said the skills shortage has created a situation where the cybersecurity staff doesn’t have adequate time to learn the nuances of the security technologies they purchase, leading to a condition where these technologies aren’t used to their full potential.

In summary, many enterprises have too many security point tools and not enough time. And the downsides here are pretty bad: complex operations, employee burnout, low ROI and increased risk.

Fortunately, CISOs recognize the state of their cybersecurity technologies and are adjusting their strategies accordingly. Recent ESG research reveals that 24 percent of enterprise organizations claim they are actively consolidating the number of cybersecurity vendors they do business with, while another 38 percent are consolidating the number of cybersecurity vendors they do business with on a limited basis. And another 21 percent are considering vendor consolidation. Look for this trend to continue and accelerate.

As previously mentioned, another issue with point tools is their inherent lack of integration with one another. CISOs are busy addressing this, as well, with updated security technology procurement strategies—74 percent of survey respondents said their organizations select best-of-breed security technologies but only if they are designed for broader integration. This sentiment was summarized by a CISO I spoke with who exclaimed, "Integration is the new best of breed."

It will certainly take time for large organizations to replace legacy security point tools with new technologies built for integration, but the ESG data points to a burgeoning trend. Enterprise organizations are actively tossing security point tools aside and building integrated security technology architectures (similar to ESG’s SOAPA model). Henceforth, security point tools must offer stand-alone functionality, provide easy integration into a broader security architecture, and be able to interoperate with other security technologies to provide a force multiplier effect.

Copyright © 2017 IDG Communications, Inc.
