The missing link in the cybersecurity market

We’re excited to bring Transform 2022 back in person on July 19 and pretty much July 20-28. Join AI and data leaders for insightful conversations and exciting networking opportunities. Register today!

CISOs are in a constant state of conflict. While digital transformation and open business models are great for enterprises, they greatly increase the attack surface and expose enterprises to malicious cyberattacks. The job of the CISO is to resolve this strategic conflict by implementing cybersecurity technologies and processes, enabling business growth and minimizing cybersecurity risk.

Their first step in resolving this strategic conflict is to research the cybersecurity market and identify advanced security solutions. Unfortunately, the fragmented nature of the market offers dozens of product categories ranging from cloud security, endpoint security, application security, web security, threat intelligence and so on.

As if this wasn’t challenging enough, each category is divided into subcategories.

Talent shortages and budget constraints hurt CISO’s goals

The hyper-segmentation of the market forces security teams to involuntarily become system integrators, investing huge amounts of time and energy in conducting market analysis, product validation, cross-product integration and product maintenance automation to create a coherent, effective organizational cybersecurity structure. Such efforts require the recruitment of skilled professionals or the use of advanced services, which are challenging due to the acute shortage of workers in the field, as well as limited budgets. In essence, endless fragmentation in the cybersecurity market and a lack of qualified talent make the job of CISOs nearly impossible.

To meet this challenge, the CISO must adopt a different cybersecurity paradigm by implementing a single security platform created by global cybersecurity giants. This is better known as an enterprise cybersecurity platform.

Such platforms integrate security capabilities across different categories into a single, coherent defense system with centralized management, so-called mitigation most of the enterprise’s cybersecurity threats. These platforms are built on independent R&D efforts combined with capabilities arising from mergers and acquisitions of cybersecurity startups. While enterprise security platforms provide a suitable alternative to the best security paradigm and solve the extensive integration and orchestration efforts, they are still not a panacea.

The Endless Battles of Cyber ​​Security

The enterprise platform approach raises serious questions. For example, can one platform answer the ever-expanding array of threats? Can replacing the best capabilities with ‘good enough’ solutions counteract advanced threats? Can these platforms quickly adapt to changes in the cyber threat landscape? Is the organization willing to pay the price of vendor lock-in?

The problem with cybersecurity is the inherently endless battles between defenders and attackers. With the changing threat landscape and new challenges every day, such as supply chain attacks, ransomware, credential collection and others, switching to a platform paradigm cannot guarantee complete protection. Finally, vendor lock-in is a problem – organizations are trying to move away from that strategy because it is expensive and complex.

How can the market resolve the trade-off between the best security paradigm and the huge implementation friction?

What the market today needs is more lateral and horizontal innovation than the current vertical innovation, where cybersecurity startups adopt one threat or one technology, such as open source, software-as-a-service (SaaS), access control, cloud workloads, etc. — and attempts to address cybersecurity just for that domain. While necessary, all of these vertical markets create a fragmented market, which is challenging to deal with.

How horizontal innovation is strengthening the cybersecurity market

I would like to offer a different approach to solving market failures so that organizations can enjoy the benefits of both worlds: mitigating cyberthreats through a range of products without drastic integration and maintenance efforts.

Vertical innovation must continue to protect new technologies and neutralize new threats; at the same time, entrepreneurs and venture capitalists should encourage horizontal innovation.

Horizontal innovation leads to ‘horizontal products’, where capabilities from different categories and segments are interwoven into an effective defensive front. The core of horizontal innovation lies in smart integration, orchestration and automation, powered by AI algorithms.

The first buds of horizontal innovation can be seen in certain areas of the cyber market. For example, the transition from SIEM products to security orchestration, automation and response (SOAR) products within security operations (SecOps).

SOAR products horizontally integrate the defense capabilities of all IT layers, while combining cyberthreat intelligence (CTI) and automated investigation and recovery processes (IR and auto-remediation). This saves Security Operation Centers (SOCs) the hard work of integrating and responding to small-tactical incidents, allowing them to focus on investigating advanced attacks and shifting to proactive threat hunting.

Another example of horizontal innovation is application security (AppSec) for orchestration and correlation (ASOC) products. These products perform integration and correlation of security risks and vulnerabilities of AppSec products such as statistical application security testing (SAST) and dynamic application security testing (DAST), open-source security tools, API security tools, etc.

These cross-cutting products enable developers and AppSec professionals to address the “overflow” of security risks through automated cybersecurity clustering and context-based prioritization, all to bring to market highly secure applications that are “secured by design”.

An additional horizontal domain yet to be cracked is cybersecurity attitude management for enterprises, which aims to provide the CISO and corporate management with a comprehensive view of the state of cybersecurity. This includes identifying the “soft underbelly” and providing recommendations for improving the company’s security system.

To enable this shift in the market paradigm, all market players must enable and encourage horizontal innovation. CISOs should demand horizontal capabilities from companies and startups — moving to feature products as a last resort. Startups and large vendors need to make APIs available for their vertical security capabilities, creating an open architecture market.

Entrepreneurs must germinate horizontal innovation and investors must support it, even though vertical innovation may seem more glamorous. As horizontal innovation solves a difficult problem, these products will be in high demand and entrepreneurs and investors will reap the benefits of their investments.

Horizontal innovation, or product coupling between segments, is in fact the “missing link” in the evolution of the cyber market from silo capabilities to an interoperable security fabric. His time has come.

Elik Etzion is the general partner of Elron Ventures

DataDecision makers

Welcome to the VentureBeat Community!

DataDecisionMakers is where experts, including the technical people who do data work, can share data-related insights and innovation.

If you want to read about the very latest ideas and up-to-date information, best practices and the future of data and data technology, join us at DataDecisionMakers.

You might even consider contributing an article yourself!

Read more from DataDecisionMakers