Cybersecurity leaders are grappling with the complexity, overlap and blind spots that come from utilizing a number of cybersecurity distributors and instruments. Most of the merchandise supplied by cybersecurity distributors have overlapping capabilities, making it simple for misconfigurations to happen and tough to uncover safety gaps. Consolidating cybersecurity merchandise reduces this complexity by streamlining the variety of merchandise and their interactions, thus enhancing effectivity of safety outcomes.
Organizations consolidate safety options for a wide range of causes, similar to decrease complete value of possession by higher effectivity, improved safety posture by higher integration and controls protection, or ease of procurement. Organizations are inclined to consolidate the place they will afford to remove best-of-breed performance with out important drops in efficacy.
Cybersecurity leaders can use the next three methods to attain cybersecurity platform consolidation.
1. Determine desired safety outcomes
Speaking the target is as necessary as executing the consolidation train. Typically, CIOs and different enterprise and expertise leaders will affiliate a consolidation mission with finances discount. Whereas discount of complete value of possession could show to be a welcome byproduct of this train, most CIOs anticipate the finances to develop for cybersecurity.
Cybersecurity leaders should as a substitute consolidate to simplify. Safe entry by a safe entry service edge or improved detection throughout siloed applied sciences utilizing prolonged detection and response are two of the principle consolidation tasks.
2. Assess distributors and instruments
Cybersecurity leaders ought to assess the merchandise they’re at present utilizing and components such because the performance they provide, the contract period, present spending and energy to keep up. Then, they need to establish the elements and capabilities which might be necessary of their group. Cybersecurity leaders must also assess different choices for particular capabilities — some at present unused merchandise could already be out there with their present licensing schemes.
SEE: Gartner Warns IAM Professionals Cyber Safety Is dependent upon Them
It’s key to gather outcomes from all potential areas and stakeholders. As cybersecurity leaders assess merchandise, they might disregard necessary capabilities that aren’t instantly seen. A selected product may provide, for instance, a person or administrator administration expertise or set of present capabilities that is likely to be exhausting to interchange; it may provide a service the place the person can contact the seller’s resident specialists to acquire steerage on particular subjects. As soon as extra, consolidation will not be solely a value financial savings train — the evaluation train ought to seize these subtleties.
One factor specifically to guage is how tough it’s to take away a product or how simple it’s to combine. Oftentimes, profitable proofs of idea with a single cloud occasion for a product that’s promising however tough to deploy result in that product by no means being deployed extra broadly. Within the subsequent renewal, it’s dropped due to its restricted utilization.
3. Analyze outcomes and establish tasks
As soon as present and potential cybersecurity instruments and distributors have been recognized, their outcomes might be analyzed. Cybersecurity leaders ought to establish must-have merchandise, which can be merchandise that comprise distinctive options or that may be problematic to take away.
Cybersecurity leaders must also establish which capabilities they’ve a number of merchandise in place for. There could also be merchandise from strategic distributors in place that may be added or maintained, and ones that may be eliminated. These type of issues may help establish essentially the most possible tasks to conduct first and execute on them.
Consolidation shall be simpler in additional mature expertise areas. And whereas the business could also be prepared for consolidation, not each group shall be at that degree of maturity. Organizations usually consolidate as soon as they’ve a couple of stand-alone elements that may be consolidated in a platform in place, quite than including model new functionalities as a part of a platform.
As soon as cybersecurity leaders have recognized and begun a consolidation mission, they need to take into account that consolidation will not be a finite train. Potential subsequent consolidation tasks and their compatibility needs to be accounted for. Cybersecurity leaders can then be certain that the elements they’re changing have stand-alone merchandise that may interoperate — for instance, by exposing utility programming interfaces — with different merchandise and distributors sooner or later.
Â
Dionisio Zumerle is a VP Analyst at Gartner the place he covers utility and cell safety, in addition to rising expertise areas, similar to utility safety posture administration and the consolidation of cybersecurity platforms.