Source: Cliff Hang via Pixabay
In its many briefings with cybersecurity vendors, one of the most consistent themes Omdia hears is why enterprises need cybersecurity platforms.
Across nearly all segments of cybersecurity, the opening statement from large vendors always goes something like this:
"Enterprises have too many standalone security products. They're expensive to purchase, deploy, and manage; point solutions function in a silo because they aren’t designed to work together; trained, experienced cybersecurity professionals are hard to find and harder to keep — hence, fewer products mean more efficient training and staffing for CISOs. Not to mention, they aren't working because look what happened with that latest big scary data breach!"
Instead, vendors claim, enterprises could get better outcomes if they give up their multitude of standalone products and instead purchase a cybersecurity platform solution, which rolls up the capabilities of many discreet products into an all-in-one offering from a single vendor.
CrowdStrike, Fortinet, Palo Alto Networks, Trend Micro, and many others have positioned themselves as cybersecurity platform vendors, employing go-to-market messaging that emphasizes the integration, single user interface, improved security efficacy, and better return on investment that their respective cybersecurity platforms provide.
On its face, this seems sensible. All the above-mentioned challenges that come with point solutions are very real. Omdia asserts enterprises need their cybersecurity products to work together, specifically by exchanging data and performing orchestrated functions, but building and running an integrated ecosystem of best-of-breed security solutions provided by many vendors is a never-ending challenge, one that keeps security architects awake at night.
A Growing Number of Deployed Products
Plus, today's enterprises really do have a lot of security products. Omdia research shows that a majority of enterprises have 21 or more standalone security products, and a third of organizations have 31 or more.
It's not hard to buy into the sales pitch from platform vendors that the fastest way for enterprises to improve their security is by buying fewer point products and shifting spending to cybersecurity platforms.
However, according to Omdia research, it's simply not happening.
According to data from the 2023 Omdia Cybersecurity Decision Maker survey, organizations indicated an increased in number of standalone security products, not a decrease.
Source: Omdia
Omdia research shows that from June 2022 to May 2023, more than 80% of survey respondents saw an increase in the number of standalone security products in their organizations (161 respondents). Furthermore, for 44% of respondents, it wasn't just a minor increase; in those enterprises, the number of standalone products increased 11% or more. Conversely, just 7% of respondents noted a decrease.
The numbers highlight a stark contrast between the perception that is being advanced by cybersecurity platform vendors, and the reality being observed in enterprises. Despite the vendor-touted benefits of the platform approach, data indicates enterprises still live in a best-of-breed approach.
Omdia theorizes there are several possible explanations:
Messaging: Platform vendors simply aren't effectively communicating the benefits of a platform-based approach. This is possible, but unlikely. Anyone who has viewed vendor websites or attended an industry trade show like Black Hat in recent years has received a heavy dose of platform-centric marketing.
Entrenchment: Charge is hard, particularly in cybersecurity, and security teams are usually loath to abandon tools into which they have invested time and effort to achieve their desired outcomes. It is much easier for an incumbent vendor to win a renewal than it is for a rival to win a displacement.
Lock-in: Furthermore, in many cases, the vision of a migration to a platform approach requires a commitment to a broad, expansive, and potentially disruptive change. Implementing a platform approach means making a long-term commitment to one vendor and forgoing choices down the line. Many enterprises may be reluctant to cede that level of control.
Efficacy: Enterprises simply don’t see cybersecurity platforms delivering the desired outcomes. Indeed, Omdia has observed that many if not most cybersecurity platforms are created through a series of point product acquisitions, each of which is then re-engineered to be a component of a platform offering. In practice, this means a single platform may include tools written in multiple programming languages, using different data formats, and requiring incongruent user interfaces, creating a series of underlying technical challenges that negatively impact platform outcomes.
Specificity: Enterprises purchase point products because they tend to be very good at solving a very specific problem, and that earns loyalty among customers. Niche vendors that successfully ease a key cybersecurity pain point can stand the test of time amid a tumultuous industry. Case in point, vendors AlgoSec and Tufin have been addressing multivendor firewall management going on two decades and counting, when during that time cybersecurity titans like McAfee and Symantec have risen and fallen.
These are just a few of the possible reasons, and Omdia intends to conduct further research in this area, but for now, there are several notable takeaways.
Accept Enterprise Reality
For vendors, fostering a cybersecurity platform may be a sensible business strategy, but it is equally important to accept the reality few enterprises are buying into single-vendor platforms. Meeting the needs of the market also requires catering to organizations living a best-of-breed approach. This means vendors should not only support ease of integration through technology partnerships and open standards but also minimize the finger-pointing when customers need help making rival vendors' offerings work together.
For enterprises, the best-of-breed approach may be familiar, but platform vendors are working hard to address many of the shortcomings that have hindered all-in-one cybersecurity platforms to date. When solution refresh cycles come up, it's worth stepping back and taking a broader look at whether the evolving platform landscape may offer a better long-term approach. For those focused on point solutions, be sure the requirements include actual examples of successful best-of-breed integrations and testimonials from customers who have achieved the desired outcomes from their integrated security architectures.
For service providers and channel partners, platform vendors' struggles are your opportunities. On one hand, working through (or entirely removing) the challenges of implementing and running a best-of-breed cybersecurity solution architecture isn't easy, but vendors and enterprises alike desperately need this assistance. On the other hand, cybersecurity platforms make for a compelling service offering, while evangelizing the benefits of these platforms is an area where vendors reliance on the channel is only growing.
For more information, read Omdia Cybersecurity Decision Maker 2023: Overall Findings & Enterprise Cybersecurity Operations (SecOps) (Omdia subscription required).