More Consolidation, Integration Coming in Cybersecurity

The need to integrate crosses vendor and provider boundaries as customers look for less provider diversity.

May 15, 2019

5 Min Read
Integration
Shutterstock

By Mike Sapien

Sapien-Mike_Ovum-author-150x150.jpg

Mike Sapien

Consolidation and integration emerged as two of the major themes at this year’s RSA Conference 2019, perhaps the result of the high enterprise demand for fewer tools and vendors, as well as a shortage of talent. The large conference remains a major watering hole for many traditional vendors, providers and startups that touch security technologies and services.

As at past RSA conferences, there was the usual overuse (and misuse) of technology buzzwords, and once again talk of the now severe shortage of skilled security personnel. Ovum expects to see further consolidation among vendors and providers, with a move to greater integration to provide more functionality with fewer tools, vendors or providers.

Ovum has seen in surveys, research and customer discussions that customers are demanding fewer security tools and have been suffering tool fatigue over the past few years. They’re not looking for any more tools or point solutions to solve yet another niche security problem. From recent research, discussions with customers and MSSPs, and RSA briefings, Ovum sees a growing trend for consolidation among the vendors, along with integration of security solutions by vendors and providers.

At the same time, Ovum sees customers less interested in deploying any point solutions that are not integrated into their existing security tools and platforms. Another result of this trend was obvious at RSA, with a lower noise level from smaller security vendors, which are usually more vociferous about their point solutions. Customers don’t want to buy or deploy yet another solution that doesn’t talk to their existing security platforms. Vendors have reacted to this by providing more functionality in their security solutions and integrating their own security products. Symantec is a great example of this, having done a lot of work to both integrate its products and create a platform to allow customers to add Symantec services as well as other security solutions. RSA had announcements by providers as well:

  • Following its acquisition of AlienVault, AT&T announced the creation of its new cybersecurity business unit.

  • Verizon purchased ProjectWise, presumably to underpin a future managed detection and response (MDR) service.

  • NTT Security purchased WhiteHat Security.

These are all good examples of a consolidation trend within the security industry that will create new, integrated security solutions and provide strong security talent to the acquiring party. Ovum will be looking to see the newly developed offers and how talent is retained, but, on the surface, the result should be more integrated solutions and strong security talent in each firm that will enhance the security offers to their respective customers.

Expect to See More of This

Ovum has seen a growing security skills shortage over the past five years that is becoming ever more acute. And yes, many vendors and providers have shared their creative retention and aggressive hiring plans for many years now. But the shortage seems to be increasing, which drives more acquisitions and consolidation than ever before. It may not be the main reason for an acquisition, but Ovum believes that the acquirer is also looking more and more for talent in every acquisition. Intellectual property will always be critical in any acquisition, but in the security industry, acquiring strong talent may be just as strong a driver. And as more and more of the point-solution vendors see the need to integrate with bigger players, the industry will see …

… more consolidation and integration of products from smaller vendors. BlackBerry’s acquisition of Cylance is a great example of consolidation, with integration expected in BlackBerry’s future security portfolio.

Ovum expects to see more vendors and providers using small acquisitions to improve their security solutions, integrating some capabilities across their portfolios, developing more integrated solutions that will allow customers to have multiple security features in one portal and helping to eliminate the number of security vendors that customers must purchase from.

Vendors, Providers Integrating Offerings with Platforms

The need to integrate crosses vendor and provider boundaries as customers look for fewer tools and less provider diversity. RSA offered a quick glimpse of this trend, which will continue for the next few years. Ovum expects to see further evolution of this trend for the vendors and providers to embed more capabilities within security solutions and create more bundles for customers to eliminate the need for more tools.

The other benefit will be some relief from the lack of security talent. A by-product of this integration is the move to platforms, which was mentioned in many RSA meetings. Vendors and MSSPs alike promoted new security platforms to eliminate the need for more tools and interfaces to manage. With almost every briefing, there was talk of having an open platform to add other vendors or services into the mix and the promotion of a security ecosystem. Symantec isn’t alone in this idea of a platform, with Cisco and Microsoft talking about their new security platforms.

On the provider side, many MSPs and MSSPs talked of creating standard solutions using their respective security platforms to allow for more integrated services and less need for custom integration. Interestingly enough, even Google presented its plans for a more integrated security platform for Google services. Not all of this was totally new, but at RSA it was a common element shared in almost all discussions with providers and vendors. Ovum predicts the use of platforms and baked-in security features will be the focus of many security industry players. We can only hope that customers don’t suffer from security platform fatigue.

Mike Sapien is chief analyst, Enterprise Services, at Ovum Consulting, part of Informa Telecoms and Media Limited, where he follows networking, security and enterprise mobility requirements, including 5G and IoT, as well as emerging technology for the large enterprise market. He has more than 30 years of experience with telecoms and the internet services industry. Follow #InformaTech and Mike @Ovum, @MikeSapien or on LinkedIn.

Read more about:

MSPs
Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like