Services
Cyber Security
Data and Cybersecurity to Fight off Cyberattacks
Highlights
- As cybersecurity threats evolve and expand, organizations often respond by adding more security products from multiple vendors, but this may impede their progress toward their security goals.
- Security products and tools from different vendors often don’t approach security issues in the same way, making it difficult to get an end-to-end view of the cyber threat landscape.
- To address the challenge of such a fragmented cybersecurity ecosystem, firms need to urgently rationalize their cybersecurity vendor portfolio.
On this page
The boom of cybersecurity solutions
Enterprises face a variety of security vulnerabilities due to a constantly evolving threat landscape.
The typical reaction of enterprise security teams to a potential cyber threat is to add more products and solutions to their portfolio. There are good reasons for doing this. Cyber defense spans many types of specialties, from identity and access management to cloud security, to network and endpoint protection, data security and others. The chief information security officer (CISO) will want to have best-of-breed solutions for specific needs in every domain—as well they should.
Other reasons organizations might prefer providers dominant in the region are geographical footprint and expansion, customers’ industry of operation, variations in data regulations, and compliance around the globe. This helps them get the localization they need from security services, as leading providers can help with people, resources, and expertise on local regulations and their impact on global operations, across geographies.
Further, with the emergence of technologies such as generative AI, quantum computing, and hyper-automation, the pressure to add more security vendors is only increasing.
In one recent survey, 49% of cybersecurity leaders said their organization uses at least six security vendors—and a few reported they have more than 40 providers. Almost all respondents (98%) said they manage security products with multiple consoles. Unfortunately, more cybersecurity solutions do not equal better security overall. Multiple consoles and fragmented solutions mean potential confusion when it comes to seeing threats clearly and mounting a unified defense. This leads to a fractured view of the threat landscape, which inhibits an enterprise’s ability to identify cross-domain threats, leaving it susceptible to attackers who exploit security gaps among solutions.
Consolidating the cybersecurity solutions portfolio
Consolidation enhances an enterprise’s security posture and accountability.
When each security tool creates its own analytics, it is difficult for security teams to correlate the isolated data, which can help them identify an attack pattern. An organization’s ability to interpret the complete picture may be hobbled. For example, one tool might focus on identifying application vulnerabilities, another might analyze behavior within the network, and a third may track data movement throughout the organization. Each of these tools independently offers significant benefits, but when the solutions can’t seamlessly talk to each other, security teams won’t be able to identify gaps. Only when they are integrated can they offer cohesive insights into potential threats.
In a nutshell, how would the CISO know where to place the ownership for a security failure if half a dozen service providers and more than a dozen technology providers are involved?
Consolidation, therefore, is a goal all organizations should pursue to achieve greater security and accountability. The goal should be to combine multiple security functions into an integrated ecosystem that manages the full range of risks and protects the entire digital estate. Security teams should strive for tighter integration among disparate security controls and a more holistic view of the range of threats an organization faces.
The leadership may well ask whether the organization is more secure with 50 or 10 partners. There is no definitive number that best works. But one thing that’s clear is that every organization can improve its cybersecurity posture by working toward breaking down silos, improving coordination, and pursuing efficiency and consolidation in its cybersecurity functions.
Key tenets of the consolidation approach
Consolidating a cybersecurity partner portfolio involves rationalizing existing partners and solutions.
It also involves selecting the right partners that prioritize integration and interoperability. By examining and managing the number of cybersecurity partners it has onboarded, an organization can improve its security posture and capitalize on the benefits that a modernized security architecture will offer. To rationalize its cybersecurity partner portfolio, an organization can consider the following tenets:
Inventory of security partners: You may be able to identify existing solution vendors who have capabilities that span more than one work stream and could, therefore, take on more. This might provide an easy starting point for reducing the total number of vendors in an organization’s security ecosystem as a first step toward greater efficiency and coordination across domains.
Business value analysis: By conducting a thorough analysis, you can estimate not only a tangible return on investment but also consider domain-centric solutions aligned with your industry from security partners. You can then assess their ability to deliver these solutions. They should be able to support you in aligning your cybersecurity roadmap to your industry’s futuristic view of cyber resilience.
Think global-local: Special factors can drive an organization to favor a specific security partner in a geographic area. Considerations may include a vendor’s capabilities with a regulatory regime or market presence. It may be important to zoom out and consider whether a partner can serve your needs globally. Finding a global partner, and working with fewer local partners, may help improve coordination and improve the security team’s ability to see threats clearly across all geographies.
Due diligence for niche and emerging technology partners: While selecting providers to address specific security challenges, conducting thorough due diligence is critical. When only a handful of companies can fill a need, it becomes important to fully understand the product roadmap, whether the provider is likely to stay in business, whether its leadership has adequate credentials, and if the organization has made the right investments. Besides, an organization must be cautious in choosing the right provider, as the cybersecurity industry has many startups with varied capabilities.
Evaluate between integrated platform or multi-product ecosystem: You may get a fair degree of your cyber asks addressed by an integrated cybersecurity platform, offered by large service providers, which integrates security visibility and control across the entire digital estate of the enterprise. However, a thorough evaluation must be done to understand the product roadmap, its futuristic vision, and the ability to contextualize solutions for your industry. Another alternative could be to consider deploying a set of different products for different domains.
Exploit existing partnerships: In the ever-evolving threat landscape, cybersecurity product vendors are constantly innovating to provide proactive defense. Many large cybersecurity firms are acquiring startups to supplement their capabilities. If such a firm is part of your cybersecurity portfolio, you gain these additional capabilities as they become part of your digital estate.
Consortium approach: You can select a set of partners having synergies in their value proposition, so that they can collaborate, not compete, to offer comprehensive cyber resilience.
Capturing the value of consolidation
A firm gains numerous benefits when they consolidate their cybersecurity partners.
For instance, having greater visibility into the most important security risks to your organization, and better control over them, is the foremost reason to address the proliferation and fragmentation of cybersecurity vendor offerings.
In addition, rationalizing your cybersecurity strategy improves your ability to retain the people vital to maintaining your cybersecurity posture. In a 2019 survey of cybersecurity practitioners in security operations centers, almost two-thirds cited lack of visibility into IT security infrastructure as the biggest barrier to success. This contributed to workers wanting to quit or change careers.
At the same time, vendor consolidation can boost the effectiveness of security solution investments, and it may lower overall costs. By examining and managing the proliferation of cybersecurity partners, an organization can be proactive in seeking the benefits of a modernized security architecture.
Cybersecurity partner consolidation bridges gaps across diverse security components, cultivating an environment where strength lies in integration, collaboration, and a unified defense. The framework and considerations mentioned here create a security posture that is simple, agile, future proof, and can scale—serving the overarching goals of the CISO and the security team.
