Over the last few years I’ve been fascinated by the ever-interesting cybersecurity market. It’s the latest wild, wild west of technology frontiers. It’s a massive market, that is perfect in many ways—for me and ESG at least. Maybe not so much for you poor folk trying to deal with it.
In my world, mass confusion, contradicting claims, huge investments, and a hyper-growth problem that is organically getting worse and not better are wonderful things for a market research and analysis company. Combine that with having three rock stars on the forefront of the market (Jon Oltsik, Mark Bowker, and Doug Cahill) along with a research team that is the best on the planet at figuring out where the market is heading, and well, it’s a home run.
Market dynamics aside, it’s the problem that is most appealing to me. It is so very basic at the core: Bad people want to do bad things to you via data.
The problem is not new. It’s as old as mankind. The means in which the bad guys can attack you is what’s new—every single day.
And the new exciting attack vector is the hardest to defend—your people. Your people and their gizmos. Lots of unwitting accomplices for the bad guys to leverage to break into your world. Very, very hard to defend.
Cybersecurity is a magnificent market because the problem can never be solved entirely. Fix one hole, the bad guys find another. It’s a ping pong match for hackers.
Which is why it is so interesting that the research I was just shown tells me that 87% the market wants an end-to-end “platform” for endpoint security—from prevention to endpoint detection and response (EDR)—but no one can actually do that. Nor, do I think, anyone should actually try.
I get the desire—one thing to deal with—but as long as human beings are involved, they will do the dumbest things imaginable, and open the door to the boogie man no matter how well protected you think you are. There is always a new way in, and a new way to wreak havoc once they are there.
Platforms or product “suites” generally only work once the core problem to be solved actually has been solved. You can run a network management platform of your choice because all of the things you are managing leverage the same protocols. Thus, any platform will work, and then your decision is based on what else you can do with it. But it starts with solving the core problem: How do I discover and talk to every device on my network?
With endpoint security, the only way you can do this is when we get all the bad guys to behave in the exact same way. Create a standard for bad behavior, if you will. And since that isn’t going to happen anytime soon, or ever, I can’t see how there can ever be a universal answer to the endpoint continuum. You will always have to rely on best-of-breed solutions to the problems at hand, which unfortunately, are going to keep on changing.