Digitalisation and cybersecurity happen to be two sides of the same coin. Increasing focus on the former automatically precipitates the bolstering of the latter; especially given the fact that advancement and democratisation of digital platforms, technologies, and solutions—besides enriching the lives of end-users—also widens the playground of cybercriminals by opening new avenues for misdeeds.
Over the past decade, the security and technology landscape has evolved significantly, with the security market becoming increasingly fragmented and cloud adoption maturing in enterprises. With a burgeoning number of security solutions and vendors, security teams find themselves overwhelmed with countless options when it comes to choosing one solution over another.
Complexity and tool sprawl
In their bid to stay on top of the growing cybersecurity challenges, several large enterprises are currently using between 50 and 100 different security tools from more than a dozen solution providers. Besides having to deal with tool sprawl with the increasing passage of time, they are grappling with dual complexity. First off, they have to toggle between disparate and disconnected tools, playing the role of system integrators, almost leaning over backwards to seemingly make those tools work in sync. Second, given the laborious nature of such activity, they find themselves wrestling to derive value from these investments.
The hiccup is not with the products per se—each serves a specific and important purpose; the problem is that these tools were never designed to work together. Therefore, the absence of integration and a unified view leads to anxiety among users.
Ad-hoc adoption of cloud technologies
The ad-hoc adoption of cloud technologies can lead to complexity, gaps in visibility, and data spread across multiple tools—on the cloud and on on-premises infrastructure. With growing hybrid cloud adoption, enterprises need to look at adopting the right policies and technologies to simplify security across these environments. As we enter the next phase of cloud maturity, the security industry has the opportunity to capitalise on this shift and redesign security for a cloud-based world.
The future of security is an integrated platform approach leveraging open standards, artificial intelligence, and automation to connect security tools and data across the hybrid cloud. However, there are a few factors for enterprises to consider while choosing a security platform.
Rationalisation of moving data: To stockpile all data in one place may seem to be a good idea, but it could be riddled with complexity, overspend, privacy, and data residency issues. Instead, choosing a security platform that connects with enterprise data where it is already located is a more prudent option. This way, enterprises can maximise their investment and enjoy a centralised view and access to their data.
Deployment flexibility: A security platform that restricts its deployment to either only on-premises, or only cloud can deprive enterprises of the flexibility they may need at a later date, say of a hybrid, multi-cloud architecture. Therefore, enterprises would want to choose a security platform that offers the flexibility to run on-premises, in a public cloud, or a private cloud.
Connect and integrate with third-party tools: To avert the need to rip and replace existing security tools, enterprises must make sure their security platform throws up no restrictions in integrating any of them. Towards this, they would want to choose a platform that supports open connections to a wide array of tools, has a large ecosystem of partners, offers an open software development kit (SDK), and support adding their custom connections.
Openness and adaptability of the platform: To reduce vendor lock-in and enjoy interoperability between various security tools, enterprises can opt for a security platform that offers flexibility in accommodating changes to their security programme. Key considerations include open standards, open-source technology, and open connections.
Capabilities and services: A security platform that offers the Security Orchestration, Automation, and Response (SOAR) solution as a core function can enhance the efficiency of security teams across a range of workflows. In the same breath, integrating threat intelligence into the platform can diminish the security analyst’s workload and facilitates prompt and informed decision-making.
Today, cybersecurity is at a tipping point, with the adoption of multiple, disparate security tools and the ad-hoc adoption of hybrid cloud. Enterprises need to take cognizance of the tremendous benefits an integrated security platform offers. That way, all security tools can work in one, orchestrated symphony, helping the enterprise stay ahead of emerging threats.
Views are personal. The author is Security Software Sales Leader, IBM Technology Sales, India/South Asia.