Last week, I posted a blog about the move toward cybersecurity vendor and technology consolidation along with a growing emphasis on technology integration in the enterprise.
Here’s some additional data that reinforces these conclusions. As part of a recent ESG research project, 176 cybersecurity and IT professionals were presented with several statements and asked whether they agreed or disagreed with each one. Here are the results:
- 82% of survey respondents strongly agree or agree with the statement: "My organization is actively building a security architecture that integrates multiple individual product." This is likely part of a SOAPA (i.e., security operations and analytics platform architecture) project.
- 81% of survey respondents strongly agree or agree with the statement: "Cybersecurity product integration has become an important consideration of our security procurement criteria." In other words, standalone point tools don’t make the purchasing cut in most cases.
- 78% of survey respondents strongly agree or agree with the statement: "The security products my organization buys are regularly qualified on their integration capabilities." This aligns with the previous point.
- 73% of survey respondents strongly agree or agree with the statement: "My organization tends to select best-of-breed products." Once again, the data reflects that best-of-breed functionality and integration capabilities are critical.
Why the focus on integration and architecture? There is an element of simplifying purchasing and vendor management, but most CISOs want tools that work together so they can improve security prevention/detection while streamlining operations. Remember that most organizations don’t have enough skilled cybersecurity professionals so CISOs are fixated on getting more effectiveness and efficiency out of their security technologies as soon as possible.
On the supply side, this data suggests that there is a growing market opportunity for enterprise-class security vendors offering best-of-breed products with strong integration capabilities. This is the proverbial “1+1=3” model where point tools amalgamate so that individual products deliver a force multiplier effect when used together.
Lots of vendors offer products and an architecture but this option is still new and unknown to enterprise buyers—80% of survey respondents strongly agree or agree with the statement: "If my organization could identify an enterprise-class cybersecurity vendor, we would be willing to buy a majority of our security products from a vendor of this type."
Attention cybersecurity industry: Your enterprise customers want best-of-breed products, integration capabilities, and an end-to-end cybersecurity technology architecture, but they don’t really know which vendor offers it or how to build it. Therefore, cybersecurity vendors who take the time to educate, work with, and help enterprise organizations have an opportunity to prosper greatly in the years to come.