Sergey Nivens - Fotolia
It's no secret that enterprises have acquired a multitude of cybersecurity products over the past couple of decades.
The Cisco 2017 Annual Cybersecurity Report sheds some light on just how much organizations have acquired over the years. The company found 65% of the 3,000 chief security officers it surveyed said their organizations use from six to more than 50 different security products. This insight led Cisco to roll out a cybersecurity marketing campaign: "Would you fly in a plane made out of 50 planes?" asked one Cisco social media post.
Gene Hall, senior director of security marketing at Cisco, discussed Cisco's thinking on multiple-vendor security with channel partners at the recent Cisco Marketing Velocity conference in Chicago. For the past 20 years, he said, the customer's reflex action regarding a new security problem or breach has been to buy another box. The result, he said, is a "patchwork quilt" that doesn't necessarily improve security.
"It is incredibly complicated to manage," Hall said.
Channel partners in the security field are well aware of the challenge.
"Every time you turn around there is a new product coming out to fix a new threat or a new issue that has come up," said James Range, president of White Rock Security Group, an IT and network security solutions provider based in Dallas.
He suggested even large organizations are hard pressed to keep up with all of the cybersecurity products in their environments. In the antivirus field, for example, customers have told his company they can't learn all the features of each product they use. He said such customers rely on White Rock to fill in their knowledge gaps.
The depth of knowledge required to fully understand each product is so great, "nobody has time to learn everything," Range said.
The quest for integrated cybersecurity products
Some channel partners -- and their clients -- are looking for more integrated approaches to security as an answer to the challenge of managing a host of point products.
Jason Parry, vice president of client solutions at Force 3, a network security provider in Crofton, Md., said the company's federal government customers definitely want to see more integrated security offerings.
"They know they can't continue to deploy product sets on top of product sets -- they understand the soft costs associated with that," Parry said. He added that security engineers and analysts end up needing to know "multiple different solution sets."
What such customers are looking for, instead, is an integrated security approach that provides a holistic picture of an organization's security posture.
"How do we get visibility so we can focus on the things that are important to us and not worry about multiple management consoles and the multiple skill sets that we need?" Parry said, summarizing the customers' viewpoint.
Some IT security vendors are moving toward greater integration. Parry cited Cisco and Palo Alto Networks as examples of companies building a more platform-based or architecture-based security approach. He said the companies, both Force 3 technology partners, are focusing on building a security architecture that gets away from disparate cybersecurity products and provides a platform that customers can build upon.
Such integrated architectures, Parry said, are easier to manage and also provide an opportunity for automation. The automation of security tasks works best with a tightly integrated platform that permits the easy movement and sharing of security information, he added.
Palo Alto Networks' security platform, for example, offers integrated technology, automation and the sharing of threat intelligence. Cisco, for its part, is advancing a security architecture with a focus on integration, automation and ease of use.
James Rangepresident, White Rock Security Group
Other vendors are also offering a security integration play. EiQ Networks, for example, provides SOCVue, a security-as-a-service offering that includes security monitoring, vulnerability management and patch management. White Rock's Range said his company recently partnered with EiQ Networks to tie together various cybersecurity products such as firewalls, endpoint security products and intrusion detection/intrusion prevention systems.
The EiQ Networks tool, Range said, helps make sense of the data streaming from the disparate products and creates a "prioritized list of the threats hitting an organization."
Channel helps with integration
While channel partners may take advantage of cybersecurity vendors' integrated platforms and technologies, sometimes they provide the integration.
Integration is one aspect of the alliance struck between Grant Thornton LLP, a professional services firm based in Chicago, and Bay Dynamics, which provides a platform that calculates the financial effects of cyber risk.
Bay Dynamics' platform aims to improve customers' visibility into risk. But a customer must first understand what it needs to protect before it can hope to gain better risk visibility, noted Jeff Recor, principal of risk advisory services at Grant Thornton. That task calls for IT asset management and the company is now working to integrate ServiceNow's cloud-based IT service management product into Bay Dynamics' platform to provide that capability.
"Bay Dynamics is a good layer on top of something like ServiceNow," Recor explained. "There are a number of those kinds of integration plays that we are starting to do with Bay Dynamics."
Read about Cisco's Umbrella internet gateway security product
Learn about Palo Alto Networks' moves in the Asia-Pacific region
Find out whether it makes sense to start a cloud security practice