IT security professionals push for consolidated standards and vendor products [Report]

Cybersecurity professionals want the IT industry to push for vendor consolidation and open standards.

This major shift in the way IT professionals protect networks is long overdue, according to new research from the International Information Systems Security Association (ISSA) and independent analyst firm Enterprise Strategy Group (ESG), a division of TechTarget.

The push toward vendor consolidation and open standards is being driven by buyers themselves, who are struggling with the growing complexity, cost, and hype surrounding the “tool proliferation” of best-of-breed technologies.

Nearly half (46%) of organizations are consolidating or planning to consolidate the number of vendors they do business with. Concerned about the increasing complexity of security operations, 77% of infosec professionals would like to see more industry cooperation and support for open standards that promote interoperability.

Thousands of cybersecurity technology vendors compete in many security product categories. Organizations want to simultaneously optimize all security technologies in their stack.

According to the research report, vendors supporting open standards for technology integration will be best positioned to address this shift in the industry.

“Given that nearly three-quarters (73%) of cybersecurity professionals believe that vendors engage in hype rather than substance, vendors that demonstrate a genuine commitment to supporting open standards will be best positioned to survive the ongoing industry-wide consolidation,” said Candy Alexander, Board Chair, ISSA International.

CISOs have been so overwhelmed by vendor noise and faced with security “tool proliferation” that for many, a wave of vendor consolidation is like a breath of fresh air, she added.

Switch to Security Platforms

ESG conducted the study with 280 cybersecurity professionals, most of whom are ISSA members. The results, released last month, focused on security processes and technologies and show that 83% of security professionals believe that future technology interoperability depends on setting industry standards.

The report details show a cybersecurity landscape that looks favorably on security product suites (or platforms) as it moves away from a defense-in-depth strategy based on deploying best-of-breed point products. That older approach has steadily increased organizational complexity and contributed to substantial operational overhead.

“The report reveals a massive shift underway within the industry, one that to many seems like a long time coming,” said Jon Oltsik, Senior Principal Analyst and ESG Fellow.

“The fact that 36% of organizations are willing to purchase most security technologies from a single vendor speaks volumes about the shift in buying behavior as CISOs openly consider security platforms instead of best point tools,” he added.

Why the jump from best-of-breed

The number of competing security suites has exploded, with many organizations managing 25 or more independent security tools. As a result, security professionals are now reluctant to juggle so many independent security products to do their job.

Managing an assortment of security products from different vendors has increased training requirements, the difficulty of getting an overall security picture, and the need for manual intervention to fill gaps between products. As a result, 21% of organizations are consolidating the number of cybersecurity vendors they do business with, and 25% are considering doing so.

“In general, it has become too difficult to purchase, implement, configure and operate many different tools, not to mention the ongoing support relationship with vendors. Consolidation gives meaning to management and operations,” Oltsik told TechNewsWorld.

This continued complexity drives 53% of cybersecurity professionals to purchase security technology platforms over best-of-breed point products. The study showed that 84% of respondents think a product’s integration capabilities are important, and 86% consider it essential or important that best-of-breed products are designed to integrate with other products.

According to 60% of IT teams, tighter integration between previously disparate security controls, rather than “best-of” purchases, is a primary need. Improving threat detection efficiency, such as accurate, high-fidelity alerts and better identification of cyber risks, was on the wish list of 51%.

Widespread government mandates

Cybersecurity products cover the basics, Oltsik noted: antivirus software, firewalls, some type of identity management system, and endpoint encryption.

“In many cases, these technologies are mandated by government and industry regulations,” he added. “The biggest influencer in protecting cybersecurity is the US federal government, which can and has imposed certain standards.”

For example, the Security Content Automation Protocol (SCAP) is a synthesis of interoperable specifications derived from community ideas. The current CMMC (Cybersecurity Maturity Model Certification) standard requires certain security certifications for DoD vendors.

“We’ve also seen standards emerge from the industry, such as the Organization for the Advancement of Structured Information Standards (OASIS) activity and other OASIS standards. This week alone we saw the introduction of the Open Cybersecurity Schema Framework (OCSF), a standard data schema for security data. There are also many identity management standards,” he said.

Finding common ground on security

After reviewing this data, ESG and ISSA recommend that organizations encourage their security vendors to adopt open industry standards, possibly in cooperation with industry Information Sharing and Analysis Centers (ISACs). Additionally, there are a few established security standards from MITRE, OASIS, and the Open Cybersecurity Alliance (OCA).

Many vendors speak favorably of open standards, but most do not actively participate in or contribute to them. This lukewarm behavior could change quickly, however.

To make this happen, cybersecurity professionals, especially those at organizations large enough to send a signal to the market, should establish best practices for vendor qualification.

Additionally, they should push for process requirements that include the adoption and development of open standards for technology integration as part of the end-to-end process for all security technology purchases, according to the report.

Promising results

Cybersecurity standards and vendor consolidation will strengthen the cybersecurity landscape in the face of ever-increasing cyberthreats by facilitating product development and integration. This will allow industry and security teams to focus more on innovation and security fundamentals and less on building connectors for interoperability, Oltsik explained.

He sees a chance that these efforts will gain support within the industry.

“It seems that some industry leaders are cooperating. I would point to OCSF where 18 vendors have agreed to support it,” he said.

This group includes many leaders – AWS, CrowdStrike, IBM, Okta and Splunk to start. Another potential driver would be support from large security technology customers, he added.

Oltsik concluded, “If Goldman Sachs, GM, Walmart and the US federal government said they would only buy from suppliers supporting the OCSF, that would really influence the industry.”


The full ESG-ISSA report titled “Technology Insights from Cybersecurity Professionals” is available here. No form to fill out is required.
