Cybersecurity leaders are grappling with the complexity, overlap and blind spots that come from utilizing a number of cybersecurity distributors and instruments. Lots of the merchandise provided by cybersecurity distributors have overlapping capabilities, making it straightforward for misconfigurations to happen and tough to uncover safety gaps. Consolidating cybersecurity merchandise reduces this complexity by streamlining the variety of merchandise and their interactions, thus enhancing effectivity of safety outcomes.
Organizations consolidate safety options for a wide range of causes, comparable to decrease whole value of possession by means of higher effectivity, improved safety posture by means of higher integration and controls protection, or ease of procurement. Organizations are likely to consolidate the place they’ll afford to remove best-of-breed performance with out important drops in efficacy.
Cybersecurity leaders can use the next three methods to attain cybersecurity platform consolidation.
1. Determine desired safety outcomes
Speaking the target is as vital as executing the consolidation train. Usually, CIOs and different enterprise and know-how leaders will affiliate a consolidation venture with finances discount. Whereas discount of whole value of possession might show to be a welcome byproduct of this train, most CIOs anticipate the finances to develop for cybersecurity.
Cybersecurity leaders should as a substitute consolidate to simplify. Safe entry by means of a safe entry service edge or improved detection throughout siloed applied sciences utilizing prolonged detection and response are two of the primary consolidation tasks.
2. Assess distributors and instruments
Cybersecurity leaders ought to assess the merchandise they’re at present utilizing and elements such because the performance they provide, the contract period, present spending and energy to take care of. Then, they need to establish the facets and capabilities which might be vital of their group. Cybersecurity leaders also needs to assess different choices for particular capabilities — some at present unused merchandise might already be obtainable with their present licensing schemes.
SEE: Gartner Warns IAM Professionals Cyber Safety Is determined by Them
It’s key to gather outcomes from all potential areas and stakeholders. As cybersecurity leaders assess merchandise, they could disregard vital capabilities that aren’t instantly seen. A specific product would possibly supply, for instance, a consumer or administrator administration expertise or set of present capabilities that is perhaps onerous to interchange; it may supply a service the place the consumer can contact the seller’s resident consultants to acquire steerage on particular matters. As soon as extra, consolidation isn’t solely a price financial savings train — the evaluation train ought to seize these subtleties.
One factor particularly to judge is how tough it’s to take away a product or how straightforward it’s to combine. Oftentimes, profitable proofs of idea with a single cloud occasion for a product that’s promising however tough to deploy result in that product by no means being deployed extra extensively. Within the subsequent renewal, it’s dropped due to its restricted utilization.
3. Analyze outcomes and establish tasks
As soon as present and potential cybersecurity instruments and distributors have been recognized, their outcomes may be analyzed. Cybersecurity leaders ought to establish must-have merchandise, which can be merchandise that include distinctive options or that may be problematic to take away.
Cybersecurity leaders also needs to establish which capabilities they’ve a number of merchandise in place for. There could also be merchandise from strategic distributors in place that may be added or maintained, and ones that may be eliminated. These type of concerns can assist establish essentially the most possible tasks to conduct first and execute on them.
Consolidation might be simpler in additional mature know-how areas. And whereas the trade could also be prepared for consolidation, not each group might be at that degree of maturity. Organizations sometimes consolidate as soon as they’ve a couple of stand-alone elements that may be consolidated in a platform in place, reasonably than including model new functionalities as a part of a platform.
As soon as cybersecurity leaders have recognized and begun a consolidation venture, they need to remember that consolidation isn’t a finite train. Potential subsequent consolidation tasks and their compatibility ought to be accounted for. Cybersecurity leaders can then ensure the elements they’re changing have stand-alone merchandise that may interoperate — for instance, by exposing utility programming interfaces — with different merchandise and distributors sooner or later.
Dionisio Zumerle is a VP Analyst at Gartner the place he covers utility and cell safety, in addition to rising know-how areas, comparable to utility safety posture administration and the consolidation of cybersecurity platforms.