Reflections on Consolidation Trends – Go Shopping or Go Native
It’s the Age of Consolidation
Consolidation is one of the top discussion issues in the cybersecurity industry. It seems as if there is a growing consensus among analysts, organizations and vendors that simultaneous orchestration of multiple disparate products is not viable for the long term and that they should gradually craft and implement a sound consolidation strategy instead.
True Need for Multiple Security Layers
The harsh reality is that threat actors relentlessly craft new attack vectors that target multiple attack surfaces – applications, user identities, networking infrastructure, vulnerable processes to name a few – compelling the defenders to deploy multiple security layers in response. It seems as if there is no right choice: either go with a single product and have definite security gaps, or deploy multiple products, consume budget and human resources and still be at risk of attacks that will leverage the blind spots and overlaps between the blind spots to operate undetected.
That is where consolidation comes in. However, there is a sting here as well, because there are two types of consolidation that vary greatly in the security value they provide.
Vendor Consolidation
The most common path is what we will call ‘Vendor Consolidation,’ comprised of large security vendors serially acquiring companies to their portfolio, either to enhance an existing capability or to expand into new fields – essentially adding up into a platform. While in theory it sounds good, in practice, products do not start to work well together just because the vendor’s name on the invoice has changed. In most cases, the actual level of integration is minimal and almost never surpasses a high-level management interface. The security team still needs to master multiple, essentially alien products and to invest expensive manual effort and skill into the aggregation and correlation of their signals, in order to gain a single, integrated threat protection and recovery view.
So, vendor consolidation does not solve the problems that trigger the consolidation drive in the first place. Let’s now zoom in on the alternative path.
The Cynet Path: Native Consolidation
While vendor consolidation relies on piecing together acquired products, native consolidation is about building technologies to work together from the ground up, designing them to natively complement one another.
Cynet is the first security platform that features a native consolidation, all breach protection functionality within a single interface: proactive IT hygiene, active threat protection and response orchestration – so the consolidation process takes place from the very beginning of Cynet’s design.
All of Cynet’s different protections – EPPEDR, network analytics, UBA and deception – were built together, to provide a level of interlocking security layers, automating what would otherwise require high manual effort and skill and enabling the security team to address the threats that matter. With Cynet, the entire security team needs to master only one interface that equips them to confront all threats – from compromise attempts utilizing zero day malware, to lateral movement and data exfiltration – providing a common language that materially accelerates and optimizes all security workflows.
Bottom Line
Consolidation strategy is imperative. But it should be the right kind, otherwise nothing has changed except the name of the vendor on the invoice. True protection requires more than that.
Sign up for a free Cynet trial here.