More Consolidation, Integration Coming in Cybersecurity

Mike Sapien

Consolidation and integration emerged as two of the major themes at this year’s RSA Conference 2019, perhaps the result of the high enterprise demand for fewer tools and vendors, as well as a shortage of talent. The large conference remains a major watering hole for many traditional vendors, providers and startups that touch security technologies and services.

As at past RSA conferences, there was the usual overuse (and misuse) of technology buzzwords, and once again talk of the now severe shortage of skilled security personnel. Ovum expects to see further consolidation among vendors and providers, with a move to greater integration to provide more functionality with fewer tools, vendors or providers.

Ovum has seen in surveys, research and customer discussions that customers are demanding fewer security tools and have been suffering tool fatigue over the past few years. They’re not looking for any more tools or point solutions to solve yet another niche security problem. From recent research, discussions with customers and MSSPs, and RSA briefings, Ovum sees a growing trend for consolidation among the vendors, along with integration of security solutions by vendors and providers.

At the same time, Ovum sees customers less interested in deploying any point solutions that are not integrated into their existing security tools and platforms. Another result of this trend was obvious at RSA, with a lower noise level from smaller security vendors, which are usually more vociferous about their point solutions. Customers don’t want to buy or deploy yet another solution that doesn’t talk to their existing security platforms. Vendors have reacted to this by providing more functionality in their security solutions and integrating their own security products. Symantec is a great example of this, having done a lot of work to both integrate its products and create a platform to allow customers to add Symantec services as well as other security solutions. RSA had announcements by providers as well:

• Following its acquisition of AlienVault, AT&T announced the creation of its new cybersecurity business unit.
• Verizon purchased ProjectWise, presumably to underpin a future managed detection and response (MDR) service.
• NTT Security purchased WhiteHat Security.

These are all good examples of a consolidation trend within the security industry that will create new, integrated security solutions and provide strong security talent to the acquiring party. Ovum will be looking to see the newly developed offers and how talent is retained, but, on the surface, the result should be more integrated solutions and strong security talent in each firm that will enhance the security offers to their respective customers.

Expect to See More of This

Ovum has seen a growing security skills shortage over the past five years that is becoming ever more acute. And yes, many vendors and providers have shared their creative retention and aggressive hiring plans for many years now. But the shortage seems to be increasing, which drives more acquisitions and consolidation than ever before. It may not be the main reason for an acquisition, but Ovum believes that the acquirer is also looking more and more for talent in every acquisition. Intellectual property will always be critical in any acquisition, but in the security industry, acquiring strong talent may be just as strong a driver. And as more and more of the point-solution vendors see the need to integrate with bigger players, the industry will see …