We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
CISOs are in a constant state of conflict. While digital transformation and open business models are great for the enterprise, they dramatically expand the attack surface and expose enterprises to malicious cyberattacks. The CISO’s job is to resolve this strategic conflict by implementing cybersecurity technologies and processes, enabling business growth while minimizing cybersecurity risk.
Their first step in resolving this strategic conflict is to research the cybersecurity market and identify advanced security solutions. Unfortunately, the fragmented nature of the market offers dozens of product categories, ranging from cloud security, endpoint security, application security, web security, threat intelligence and so on.
As if this isn’t challenging enough, each category is divided into sub-categories.
Talent shortages and budget constraints hurt CISO’s goals
The market’s hyper-segmentation forces security teams to involuntarily become system integrators, investing vast amounts of time and energy into carrying out market analysis, product validation, cross-product integration and product maintenance automation to create a coherent, effective organizational cybersecurity fabric. Such efforts require the recruitment of skilled professionals or the use of advanced services, which pose a challenge due to the acute shortage of workers within the field, as well as limited budgets. Essentially, endless fragmentation in the cybersecurity market and a lack of qualified talent make the CISOs job nearly impossible.
To address this challenge, the CISO must adopt a different cybersecurity paradigm by implementing a single security platform created by global cybersecurity giants. This is better known as an enterprise cybersecurity platform.
Such platforms integrate security capabilities across categories into a single, coherent defense system with centralized management, allegedly mitigating most of the enterprise’s cybersecurity threats. These platforms are built on independent R&D efforts combined with capabilities originating from mergers and acquisitions of cybersecurity startups. While enterprise security platforms provide a suitable alternative for the best-of-breed security paradigm and solve the extensive integration and orchestration efforts, they’re still not a silver bullet.
Cybersecurity’s endless battles
The enterprise platform approach raises serious questions. For example, can one platform answer the ever-increasing range of threats? Can replacing best-of-breed capabilities with “good enough” solutions counteract advanced threats? Can these platforms quickly adapt to changes in the cyberthreat landscape? Is the organization willing to pay the price of vendor lock-in?
The problem in the cybersecurity space is the inherently endless battles between defenders and attackers. With the evolving threat landscape and new challenges emerging every day, such as supply chain attacks, ransomware, credential harvesting and others, shifting to a platform paradigm cannot guarantee full protection. Finally, vendor lock-in is a problem – organizations are seeking to move away from that strategy as it’s costly and complex.
How can the market solve the tradeoff between the best-of-breed security paradigm and the immense implementation friction?
What the market needs today is more lateral and horizontal innovation rather than today’s vertical innovation, where cybersecurity startups take up one threat or one technology — such as open source, software-as-a-service (SaaS), access controls, cloud workloads, etc., — and attempts to address cybersecurity only for that domain. Although necessary, all these verticals cause a fragmented market, which is challenging to deal with.
How horizontal innovation strengthens the cybersecurity market
I’d like to offer a different approach to solving the market failure, so organizations can enjoy the benefits of both worlds – mitigating cyberthreats through a range of products without drastic integration and maintenance efforts.
Vertical innovation should continue to protect new technologies and neutralize new threats; however, at the same time, entrepreneurs and venture capitalists need to encourage horizontal innovation.
Horizontal innovation sprouts “horizontal products,” weaving together capabilities from different categories and segments into an effective defensive front. At the core of horizontal innovation lies smart integration, orchestration and automation capabilities powered by AI algorithms.
The first buds of horizontal innovation can be seen in certain areas of the cyber market. For example, the transition from SIEM products to security orchestration, automation and response (SOAR) products within security operations (SecOps).
SOAR products conduct horizontal integration of defense capabilities of all IT layers, while fusing cyberthreat intelligence (CTI) and automated investigation and remediation processes (IR and auto remediation). This saves security operation centers (SOCs) the hard labor of integration and response to small-tactic incidents, allowing them to focus on investigating advanced attacks and shifting to proactive threat hunting.
Another example of horizontal innovation is application security (AppSec) orchestration and correlation, (ASOC) products. These products perform integration and correlation of security exposures and vulnerabilities from AppSec products such as statistic application security testing (SAST) and dynamic application security testing (DAST), open-source security tools, API security tools, etc.
These horizontal products enable developers and AppSec professionals to handle the “overflow” of security exposures through automated cybersecurity clustering and context-based prioritization, all in order to bring highly secured applications to the market that are “secured by design.”
An additional horizontal domain that is yet to be cracked is enterprise cybersecurity posture management, which has a purpose to provide the CISO and the corporate management with a comprehensive overview of the state of cybersecurity. This includes identifying the “soft underbelly,” and providing recommendations for improving the enterprise security system.
To enable this market paradigm shift, all market players need to enable and encourage horizontal innovation. CISOs need to demand horizontal capabilities from companies and startups — turning to feature products as a last resort. Startups and major vendors must expose APIs for their vertical security capabilities, creating an open architecture market.
Entrepreneurs need to sprout horizontal innovation and investors should support it, even though vertical innovation may seem more glamorous. As horizontal innovation solves a difficult problem, these products will be in great demand and entrepreneurs and investors will reap the rewards of their investments.
Horizontal innovation, or cross-segment product linkage, is, in fact, the “missing link” in the evolution of the cyber market from silo capabilities to an interoperable security fabric. Its time has come.
Elik Etzion is the managing partner of Elron Ventures