Research Firm Provides Tips for Predicted Security Platform Consolidation
Research firm Gartner predicts a consolidation of security platforms as enterprise security and risk management (SRM) teams face a confluence of factors that make their jobs harder.
"Security and risk management leaders continue to be asked to do more with less -- facing more demand for service, fast-changing threat landscapes and insufficient technical talent," Gartner said in last month's report titled "Predicts 2022: Consolidated Security Platforms Are the Future." This research predicts that platform consolidation will help SRM leaders' organizations thrive in hostile environments."
In hard numbers, the firm's report is based on these strategic planning assumptions:
- By 2025, 80 percent of enterprises will have adopted a strategy to unify web, cloud services and private application access from a single vendor's security service edge (SSE) platform.
- By 2025, 30 percent of enterprises will have adopted a data security platform (DSP), due to the pent-up demand for higher levels of data security and the rapid increase in product capabilities.
- By 2025, 70 percent of organizations will consolidate the number of vendors securing the life cycle of cloud-native applications to a maximum of three vendors.
- By 2027, 50 percent of midmarket security buyers will leverage eXtended detection and response (XDR) to drive consolidation of workspace security technologies, such as endpoint, cloud and identity.
In fact, Gartner says, the movement is already well underway, with a 2020 poll of 83 percent of organizations which were pursuing a vendor consolidation strategy indicating that effort has been ongoing for at least a year.
The firm sees SRM vendors following two different approaches to consolidation, a platform approach in which different systems and functionalities are integrated, and a portfolio approach in which packaged products are provided, requiring little integration with other IT systems.
- Leverage interdependencies and commonalities among adjacent systems
- Integrating consoles for common functions
- Support for organizational business objectives at least as effectively as best-of-breed
- Integration and operational simplicity mean security objectives are also met.
- Leveraged set of unintegrated or lightly integrated products in a buying package
- Multiple consoles with little to no integration and synergy
- Legacy approach in a vendor wrapper
- Will not fulfill any of the promised advantages of consolidation
"Differentiating between these approaches is key to the efficiency of the suite, and vendor marketing will always say they are a platform," the report said. "As you evaluate products, you must look at how integrated the consoles are for the management and monitoring of the consolidated platform. Also, assess how security elements (such as data definitions, malware engines) and more can be reused without being redefined, or can apply across multiple areas seamlessly. Multiple consoles and multiple definitions are warnings that this is a portfolio approach that should be carefully evaluated."
With the platform/portfolio approach bifurcation constituting one of the key takeaways from the report, the other three are:
- Driven by the need to reduce complexity, leverage commonalities and minimize management overhead, security technology convergence is accelerating across multiple disciplines.
- Organizations are working or planning to work on vendor consolidation strategies; this is a long-term project for most of them, because it's often a large architectural shift.
- Technology consolidation is not limited to one technology area or even to a closely related set of technologies; these consolidations are happening in parallel across many security areas.
"Security technologies and mindsets have continuously oscillated between best-of-breed and platform solutions (even if the latter has too often been a marketing construct, more than an actual approach)," Gartner said. "This oscillation is driven by buying centers, vendor preferences and technical demands. It has left organizations and security and risk management (SRM) leaders with huge technical debt and often a fragmented, complicated infrastructure that doesn't help an organization's mission to enable its digital business. Such infrastructures are hard to manage, limit visibility to the true state of security, and have created gaps between silos or mismatched policies."
The reports' recommendations for enterprises include:
- Evaluate security platforms where they share data and control planes; leverage this consolidation to define common policies and reduce gaps and vulnerabilities between legacy silos.
- Evaluate your security needs for outbound communications, and determine where cloud-managed solutions fit your risk and business profiles.
- Inventory data security controls to implement a multiyear phaseout of siloed data security tools that are holding you back when you need to leverage your data in favor of a modern data security platform.
Implement an integrated and converged security approach that covers the entire life cycle of cloud-native applications, starting in development and extending into production.
Evaluate workspace security packages united by extended detection and response as a meaningful way to reduce the complexity of security operations.
The report incorporated research (Gartner's "2020 Security and IAM Solution Adoption Trend Survey") that was conducted online during March and April 2020 among 405 respondents from North America, Western Europe and the Asia/Pacific (APAC) region.
David Ramel is an editor and writer for Converge360.