The Doyle Report: Cisco Reinvigorates Debate Over Best-of-Breed Security Approaches vs. Single-Vendor Strategies

It’s RSA week and time again to take a closer look at the state of security.

By almost any measure, security is in awful shape. From Yahoo hacks to Russian attacks to denial of service incidents using IoT devices such as video cameras, threats seem never ending. (And that’s before I mention ransomware.)

The sorry state of affairs has once again raised the age-old question, “what is the best strategy for staying one-step ahead of the bad guys?” Cisco kicked this discussion into high gear recently when its services division sent out a Tweet that read, “Would you fly in a plane made out of 50 planes? So why are companies using up to 50 different security vendors?”

Cisco says that companies use as many as “50 different security vendors” to protect their data, applications, people and organizations. A better approach? “…An integrated architectural approach that gives digital menaces less time to make their mark,” Cisco says.

That made me smile. As a former Cisco employee, I know that very few Cisco platforms don’t include parts from other vendor’s products. Acquisitions, after all, have been an important part of the company’s strategy for years. Cisco buys companies to gain access to new technology, talent and territory.

If you look at the security buys that Cisco has made in recent years, you realize that its “integrated architectural approach” contains a lot of components from “other planes.” Last June, for example, Cisco bought CloudLock, which developed cloud access security broker (CASB) technology that “provides enterprises with visibility and analytics around user behavior and sensitive data in cloud services, including SaaS, IaaS and PaaS.” That followed the October 2015 acquisition of Lancope, Inc., which “provides network behavior analytics, threat visibility and security intelligence to help protect companies against top cyber security threats.”

These are but a few of the security companies that Cisco has bought. Others include Portcullis Computer Security, OpenDNS, Neohapsis, ThreatGRID, Cognitive Security and more.

To be fair, Cisco has a respectable record when it comes to integrating different technologies, but not always. (Remember Jabber and all its various forms? Oh boy.)

Which brings us back to the central question at hand: are your customers safer with a best-of-breed approach, or an integrated, single-vendor strategy?

The benefits of a single vendor approach are several. Think better integration, easier deployment, and a single pane of glass management. Alternatively, a multi-vendor approach avoids the single point of failure issue that some vendors face because they use shared code throughout their product lines. It also promises greater flexibility and broader protection, albeit at the cost of simplicity.

What do I mean by that? Well, it’s like the old line about a man with two watches. Because they are rarely in sync, he never really knows what time it is. Alternatively, a man with one watch thinks he does. Is he blissfully ignorant or foolishly close-minded?

Let me know your perspective.

p.s.: If you’re wondering how many different manufacturers contribute to the plane you last flew in, take a look at this graphic from Reuters showing where the 787 Dreamliner’s parts come from. It’s not a 1:1 rebuttal to what Cisco tweeted, but you get the idea.