Cybersecurity leaders are grappling with the complexity, overlap and blind spots that come from utilizing a number of cybersecurity distributors and instruments. Most of the merchandise supplied by cybersecurity distributors have overlapping capabilities, making it simple for misconfigurations to happen and tough to uncover safety gaps. Consolidating cybersecurity merchandise reduces this complexity by streamlining the variety of merchandise and their interactions, thus enhancing effectivity of safety outcomes.
Organizations consolidate safety options for a wide range of causes, reminiscent of decrease complete value of possession via higher effectivity, improved safety posture via higher integration and controls protection, or ease of procurement. Organizations are inclined to consolidate the place they’ll afford to eradicate best-of-breed performance with out important drops in efficacy.
Cybersecurity leaders can use the next three methods to realize cybersecurity platform consolidation.
1. Determine desired safety outcomes
Speaking the target is as essential as executing the consolidation train. Typically, CIOs and different enterprise and know-how leaders will affiliate a consolidation mission with funds discount. Whereas discount of complete value of possession might show to be a welcome byproduct of this train, most CIOs count on the funds to develop for cybersecurity.
Cybersecurity leaders should as a substitute consolidate to simplify. Safe entry via a safe entry service edge or improved detection throughout siloed applied sciences utilizing prolonged detection and response are two of the principle consolidation initiatives.
2. Assess distributors and instruments
Cybersecurity leaders ought to assess the merchandise they’re presently utilizing and elements such because the performance they provide, the contract length, present spending and energy to keep up. Then, they need to establish the points and capabilities which can be essential of their group. Cybersecurity leaders also needs to assess various choices for particular capabilities — some presently unused merchandise might already be out there with their present licensing schemes.
SEE: Gartner Warns IAM Professionals Cyber Safety Depends upon Them
It’s key to gather outcomes from all doable areas and stakeholders. As cybersecurity leaders assess merchandise, they might disregard essential capabilities that aren’t instantly seen. A selected product may provide, for instance, a consumer or administrator administration expertise or set of present capabilities that is perhaps arduous to interchange; it may provide a service the place the consumer can contact the seller’s resident specialists to acquire steering on particular subjects. As soon as extra, consolidation just isn’t completely a value financial savings train — the evaluation train ought to seize these subtleties.
One factor particularly to guage is how tough it’s to take away a product or how simple it’s to combine. Oftentimes, profitable proofs of idea with a single cloud occasion for a product that’s promising however tough to deploy result in that product by no means being deployed extra broadly. Within the subsequent renewal, it’s dropped due to its restricted utilization.
3. Analyze outcomes and establish initiatives
As soon as present and potential cybersecurity instruments and distributors have been recognized, their outcomes may be analyzed. Cybersecurity leaders ought to establish must-have merchandise, which can be merchandise that include distinctive options or that may be problematic to take away.
Cybersecurity leaders also needs to establish which capabilities they’ve a number of merchandise in place for. There could also be merchandise from strategic distributors in place that may be added or maintained, and ones that may be eliminated. These kind of issues might help establish essentially the most possible initiatives to conduct first and execute on them.
Consolidation can be simpler in additional mature know-how areas. And whereas the trade could also be prepared for consolidation, not each group can be at that stage of maturity. Organizations usually consolidate as soon as they’ve just a few stand-alone elements that may be consolidated in a platform in place, quite than including model new functionalities as a part of a platform.
As soon as cybersecurity leaders have recognized and begun a consolidation mission, they need to remember the fact that consolidation just isn’t a finite train. Potential subsequent consolidation initiatives and their compatibility needs to be accounted for. Cybersecurity leaders can then be sure the elements they’re changing have stand-alone merchandise that may interoperate — for instance, by exposing utility programming interfaces — with different merchandise and distributors sooner or later.
Dionisio Zumerle is a VP Analyst at Gartner the place he covers utility and cell safety, in addition to rising know-how areas, reminiscent of utility safety posture administration and the consolidation of cybersecurity platforms.
