Oct 24, 2019

2020 may be cybersecurity's "year of the platform"

Illustration: Aïda Amer/Axios

Vendors and cybersecurity pros anticipate businesses may finally pivot from using dozens of independently working products to using integrated platforms built with coordination in mind.

Why it matters: It’s a small-seeming tweak with the power to completely reshape the industry. Business users currently layer sometimes dozens of unconnected security products on top of each other, creating overlaps and gaps in coverage. It's like building a pile of loose string when what you really want is a net.

But, but, but: A lot of the innovation in cybersecurity comes from how sprawling the industry is — a complex ecosystem of products designed to solve single problems. If clients begin to demand one-stop, one-provider solutions, the industry could contract, losing its research and design finesse along the way.

Large enterprises use 20 security products on average from nine different vendors, according to Forrester Research. Ask around, and it's easy to find companies using two or three times as many.

Vendors and their clients have long anticipated this change, but now they say it's here.

  • "2020 will be the year of the platform," said Nicole Eagan, CEO of Darktrace.
  • "This is the way the pendulum is swinging," said Kiersten Todt, managing director of the Cyber Readiness Institute (CRI), a nonprofit that works with small businesses to bolster cybersecurity.

Vendor fatigue: Cutting down the number of security products an enterprise uses is most often seen as a way to boost efficiency and save money.

  • A variety of vendors means security staffers need to be trained on a variety of systems and work with a variety of customer service agents.
  • "We found talking to customers that the most important factor in picking products is customer service," said Kevin Simzer, COO of Trend Micro, talking about why he expected a shift toward platforms. "They want to work with a single trusted vendor."
  • Certain classes of cybersecurity products, ones designed to look for indicators of attack, produce false alarms just under 99% of the time, according to a Kaspersky study earlier this month. More overlapping products mean more overlapping alerts to investigate.

Cost: Typically, when businesses cut down the number of products they're using, they cut costs. And, at least according to Darktrace's Eagan, there are a number of solutions sold as products that would be more appropriate as features in larger packages.

Security: It isn't just an efficiency issue.

  • It's easy for a business not to notice when a crateload of security products has a gap. But hackers search for systems vulnerable to their preferred gaps.

An integrated platform could be one built by a single vendor designing a unified system. Or it could be built out of products from separate vendors designed to piece together without overlaps or gaps.

For businesses, cybersecurity products tend to accumulate over time.

  • "Very few companies would create a network the same way if they started from scratch," said retired Maj. Gen. Earl Matthews, of Verodin, a company that helps clients integrate disparate cybersecurity products into more cohesive units.
  • Some products, he says, come from trying to solve an emerging problem like ransomware right away with ransomware-specific solutions. Over time, other products add ransomware protection to their capabilities, eliminating the need for the specific product, but companies are slow to eliminate its use.
  • Sometimes products are purchased because companies feel pressure to buy every "best in breed" product rather than try to integrate their existing products.
  • "Also, some salesmen are very good," Matthews said.

The catch: Todt worries that a move toward platforms might encourage smaller companies to overlook the occasions when they do need specialized products.

  • "You actually have to have the appropriate functionality," she said. "You’re starting to see mobile security become part of platforms. But not all mobile security is alike."

Go deeper

17 seconds ago - Politics & Policy

Virginia Gov. Ralph Northam announces removal of Robert E. Lee statue

Photo: Andrew Lichtenstein/Corbis via Getty Images

Virginia Gov. Ralph Northam announced on Thursday that the state will remove the statue of Confederate Gen. Robert E. Lee from Richmond's historic Monument Avenue.

Why it matters: It's a watershed moment for Virginia, which has been at the center of a years-long national debate about whether Confederate monuments should be displayed publicly. That discussion reached a boiling point when protests about a statue of Lee in Charlottesville turned violent in 2017.

RNC expands convention search across the Sun Belt

Donald Trump, Mike Pence and their families on the last night of the Republican National Convention in Ohio in 2016. Photo: David Hume Kennerly/Getty Images.

The Republican National Committee is planning site visits over the next 10 days to more than a half-dozen cities — across the South and into Texas and Arizona — as it scrambles for a new convention host, people familiar with the internal discussions tell Axios.

Driving the news: The RNC's executive committee voted Wednesday night to allow most of the convention to move — with only a smaller, official portion remaining in Charlotte — after North Carolina's governor said the coronavirus pandemic would mean a scaled-back event with social distancing and face coverings.

Oil faces tough road back from coronavirus

Illustration: Aïda Amer/Axios

Oil companies in the battered shale patch are starting to bring back some production as prices climb, but a new report underscores how the pandemic is taking a heavy financial toll despite signs of revival.

Driving the news: Fourteen North American producers have filed for bankruptcy thus far during the second quarter, per a tally from the law firm Haynes and Boone, which closely tracks the sector's finances.