Digital transformation is reshaping our entire industry, enabling businesses and consumers to engage in more ways than ever before. Digital transformation is hugely powerful, but businesses must recognise the new challenges it presents to IT security experts. For every time a vulnerability is fixed, another vulnerability transpires.
Way back when I started out in the IT Security market, we relied on a good firewall at the network perimeter and desktop anti-virus software. Over time, however, there was a gradual, heightened awareness of the threats of connecting your network to the outside world (via the Internet). This, when coupled with a number of highly publicised data breeches and virus outbreaks, meant companies began to realise how important it was to protect their data.
Data provides an organisation with a competitive advantage and has huge value. Not only this, but organisations spend a huge amount of money collecting and managing the data. In addition, legal frameworks and regulations insist that data is not put at unnecessary risk. Hence, every time a new threat was discovered, the IT team would go out and purchase another piece of security hardware or software. This worked well for a few years but soon started to become untenable due to the high costs and management overhead for customers.
IT security has become a patchwork quilt
As you might imagine, I have sat through my fair share of presentations where IT teams talk about the IT security applications that their organisation is currently using. Normally the PowerPoint slide contains so many logos, it resembles a patchwork quilt. There's no disputing that the market is vast, but stitching them altogether does not always make a successful cyber-security service.
There is one piece of software to manage BYOD, another to manage attacks to web servers, another to prevent email spoofing, another to stop employees visiting undesirable URLs, the list goes on and on. It's very rare that any of these point products actually connect together meaning automation levels are low and manual workloads are very high. Consequently, security analysts are sifting through sys logs several weeks after a breach has happened (so the horse has well and truly bolted!). This lack of automation presents further challenges as companies struggle to recruit and retain skilled cyber-security specialists.
The need for change
Every time we introduce a new security vendor into an IT estate, it means a new set of skills that either the end customer or the channel partner needs to have or needs to source. No one likes taking risks with security, so when it comes to this area, vendor-approved certification is highly desirable. That's fine when you have say ten or twelve security vendors to consider. When you have upwards of 40 plus - as many Enterprises do - it is just too many to manage.
For the IT channel, it is not just about having the certifications (which in itself can be a mammoth task and costly to achieve). They also need to sit down with each of their vendor partners in quarterly business reviews where they plan and then have to actually execute these sales and marketing activities. The cyber-security market has become far too fragmented for both the end users and the channel, meaning we are hindering our own effectiveness.
What's the answer?
Even when you consider the move to cloud, most organisations have a hybrid approach running off multiple cloud platforms. Security is still an essential component. Clearly, if the market was less fragmented we could drive down cost. To do this, we need to look at taking a platform and more solution-based approach to cyber-security. With this type of model, you'd build your security strategy around a far smaller number of key, strategic vendors covering multiple areas of the cyber-security market, instead of the 40 plus today.
Several IT security vendors such as Cisco, IBM and Check Point have already adopted a platform approach. Maybe it is optimistic to think that a customer could consolidate down to a handful of vendors, but a big reduction should be very achievable. This would make the infrastructure far, far easier to manage and won't make an organisation any more vulnerable. In fact, the opposite is likely to be true as there will be better integration and automation between the platform and ecosystem vendors.
We also need to push cyber-security more down the route of automation. This is already happening now to some extent. We are seeing leading security vendors build cognitive IT security into their products. They are able to protect IT estates with far less human intervention.
IT security is always going to be a moving target, just by its very nature. If we are going to stay ahead in the IT security battle, we need a different approach instead of adding more and more vendors to an already saturated IT estate. A consolidated platform and solution approach mixed with Artificial Intelligence would make IT security teams far more effective.
How do we get there? Well there has either got to be a lot of consolidation amongst the IT security vendors, or you consciously have to decide to purchase security solutions from vendors who are moving towards a platform approach.
Contributed by David Ellis, director of security solutions Europe, Tech Data
*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media UK or Haymarket Media.