On Monday of this week, I posted a blog about enterprise-class cybersecurity vendors. Which vendors are considered enterprise-class? According to recent ESG research, Cisco, IBM, Symantec, and McAfee top the list.
This blog addressed the “who” question but not the “what.” In other words, just what is an enterprise-class cybersecurity vendor anyway? As part of its research survey, ESG asked 176 cybersecurity and IT professionals to identify the most important characteristics of an enterprise-class cybersecurity vendor. The data reveals that:
- 35% of survey respondents say the most important attribute for an enterprise-class cybersecurity vendor is cybersecurity expertise specific to their organization’s industry. In other words, enterprise-class cybersecurity vendors need more than horizontal security solutions, they need to understand explicit industry business processes, regulations, organizational dynamics, global footprints, etc.
- 32% of survey respondents say the most important attribute for an enterprise-class cybersecurity vendor is a product and services portfolio that aligns with strategic IT initiatives. In this instance, infosec pros are calling for a broad array of products and services that align with things like digital transformation, business process re-engineering, supply chain integration, etc. Once again, way more than just hawking point tools for endpoint or email security.
- 32% of survey respondents say the most important attribute for an enterprise-class cybersecurity vendor is a commitment to reducing security complexity and improving ROI. This points to the need for vendors to supplement products with services, add automation/orchestration capabilities to products, and complement products with artificial intelligence capabilities.
- 32% of survey respondents say the most important attribute for an enterprise-class cybersecurity vendor is products built for scale and integration. Scale calls for the ability to deal with billions of security events and terabytes of security data while managing complexity. Integration demands that individual products interoperate as an architecture like ESG’s SOAPA.
Would-be enterprise-class cybersecurity vendors should consider the list above as table stakes to be considered part of the club. To become a true enterprise-class cybersecurity standout, however, vendors need to do even more. It’s my firm belief that the vendor (or vendors) that reach $5 billion in revenue by 2020 will also take a “soft power” leadership role in the following areas:
- Cybersecurity community affinity. Unlike other IT areas, cybersecurity professionals are bound together by a unique sense of community and purpose, involved in a battle between good and evil. Rather than simply market and sell to this community, leading enterprise-class cybersecurity vendors will become active participants by supporting professional organizations, providing resources, hosting events, contributing to open source efforts, and supporting broad communications and information sharing amongst community members. This won’t be easy as the cybersecurity community must be convinced that enterprise-class vendors share their passions, goals, and commitment before welcoming them with open arms.
- Cybersecurity education. To address the ongoing cybersecurity skills shortage, enterprise-class vendors will form alliances with leading universities, contribute software and equipment, establish scholarship programs, and actively promote cybersecurity career paths (and STEM programs) with grassroots community outreach programs. Industry leaders will also allocate resources toward CISO and business education programs.
- Cybersecurity career development. Job 1 is attracting more people to the cybersecurity field. Job 1a is making sure that cybersecurity professionals have the tools and support to develop their careers. Leading enterprise-class cybersecurity vendors will work on initiatives like ISSA’s cyber security career lifecycle and the NIST’s national initiative for cybersecurity education (NICE) cybersecurity workforce framework.
- R&D. Enterprise-class vendors should be thought and technology leaders in areas like secure software development, adversary tactics, techniques, and procedures (TTPs), threat research, and artificial intelligence, cognitive computing, and machine learning for cybersecurity. It is critical that enterprise-class vendors continually share and collaborate on this research with academia, the cybersecurity community, and the public sector.
- Public/private activity. Leading enterprise-class cybersecurity vendors will work hand-in-hand with government research labs, intelligence agencies, law enforcement agencies, and legislators, acting as a facilitator for public/private cooperation. For example, enterprise-class cybersecurity vendors will likely play a major role in coordinating and facilitating ad-hoc threat intelligence sharing networks between government agencies, enterprise customers, and global cybersecurity researchers.
- Open standards. Cybersecurity threats and technologies changed quickly and often, making it next to impossible for any one vendor to provide a one-stop-shop solution. Rather than simply opening APIs, leading enterprise-class cybersecurity vendors will promote and support open standards and work with customers and competitors to build support and consensus across the industry. An open industry standard for a SOAPA architecture would be a great place to start.
- Services, services, services. Even with coordinated and monumental efforts, the cybersecurity skills shortage isn’t going away anytime soon. Addressing skills and staff shortages won’t be easy, so CISOs need lots of options. Leading enterprise-class cybersec vendors will offer a broad portfolio of managed and professional services and make these services an integral part of security operations. In this way, CISOs can pick and choose what services help they need today and then modify the mix of products and services over time as business conditions, the threat landscape, and cybersecurity staffing changes.
Enterprise-class cybersecurity vendors won’t just be technology leaders, they will act as industry leaders. Aside from embracing open standards, these firms will establish best-in-class partner ecosystems, supported by SDKs, developer support, joint development projects, and broad sales and marketing support for partners.
Finally, leading enterprise-class cybersecurity vendors will establish themselves as cybersecurity centers-of-excellence by hiring top talent, supporting employee education programs, creating mentoring programs, and sharing internal best practices with customers and the cybersecurity community at large.
This blueprint for enterprise-class cybersecurity vendors won’t be easy to build as it will take shrewd leadership, ample resources, and a firm organizational commitment to get there. Nevertheless, I firmly believe that at least one vendor will separate itself from the pack. Winners have the opportunity to reap rich financial rewards AND make a true difference.