Last updated at Wed, 23 Aug 2023 13:00:01 GMT
When it comes to security vendor consolidation, Gartner found that 57% of organizations are working with fewer than ten security vendors, utilizing consolidation to cut costs and improve their overall security posture.
But what about the other 43%?
While security vendor consolidation has many advantages — like improved security and operational efficiency as well as cost reduction and improved ROI — however, it’s clear that some myths about consolidation persist. Let’s take a deeper look at three of the most common consolidation myths:
- The supremacy of “best of breed” security solutions
- Lack of flexibility or vendor lock-in
- Increased risk of vendor compromise
Myth #1: The supremacy of “best of breed” security solutions
One of the biggest myths of security vendor consolidation is that after consolidating, organizations will lose access to the superior “best of breed” security approach. “Best of breed” refers to purchasing the best product of each type for your infrastructure’s security needs. This could look like using one vendor for firewall protection, another for observability, a third for remediation, and so on.
While it is true that a “best of breed” approach seems to allow organizations to piece together a tech stack of all the best possible products, that’s not the whole story. Organizations with “best of breed” solutions often end up with technology bloat, or a larger tech stack that requires far more maintenance than single-platform or more streamlined offerings. Additionally, there’s more data created from using tools from multiple vendors, which can actually increase an organization’s attack surface and overall risk level.
Some “best of breed” environments are plagued by interoperability issues — the tools fail to communicate with each other and exchange information properly. This can result in a poorer overall security performance characterized by false alarms and a higher mean time to resolve (MTTR).
Myth #2: Consolidation kills flexibility and creates vendor lock-in
Many security teams believe that consolidation locks you into working with a single or smaller number of vendors who may prove to be unreliable or offer subpar services. In reality, you can easily address concerns of vendor performance and flexibility by carefully researching potential vendors before selecting a solution. During the vetting process, ask potential vendors questions around on- and offboarding, security, maintenance, subscription, and licensing fees.
It’s also important to remember that many vendors offer flexibility within their consolidation packages, which means that you often will be able to build a portfolio of products to meet your needs as opposed to being locked into a specific package.
Finally, working with fewer vendors allows you to develop stronger relationships with fewer vendor representatives, resulting in more comprehensive customer service and support.
Myth #3: Increased risk from vendor compromise
Many organizations fear that after consolidating, if one of its vendors is compromised, then it presents a serious security risk. This is easily avoidable, however, if organizations practice consolidation across functions and not layers.
In general, secure organizations have layers of security, or redundancies in place to catch and remediate vulnerabilities quickly. This approach, also known as “defense in depth,” may look like a security solution to monitor your endpoints and a separate tool to manage threats in your ecosystem.
You don’t want to consolidate within these layers. For example, let’s imagine that you have the same security provider for both your endpoint monitoring and threat management. If the vendor is compromised and unable to provide protection, your infrastructure would be without endpoint management and threat management at the same time, which presents a serious security risk.
Consequently, you’ll want to consolidate across functions. It may be helpful to picture your security needs within a layer. For example, if you’re looking for greater endpoint protection — monitoring, visibility, and remediation — you can look for consolidation solutions in this area. Consolidating across functions can actually strengthen your security posture. Working from a single platform can improve data sharing across tools, efficiency, and remediation processes, creating a stronger layer of security. Then, if a vendor is compromised, you’ll still have active protection from vendors in your other layers.
Consolidation just makes sense
Hesitation around security vendor consolidation is understandable. It’s important not to rush and choose the wrong vendor or platform, which can ultimately put your organization at risk. However, widespread consolidation myths may be holding you back from reaping the financial, operational, and security benefits of consolidation.
Lowering costs is a big one. Organizations with a variety of security vendors are paying for each service, and often, multiple licenses. Consolidation offers a chance to cut costs of multiple subscription and licensing fees, as well as reap the benefits of competitively priced consolidation packages.
Consolidation also boosts operational efficiency. Organizations with too many security vendors struggle with visibility, false alarms, and gaps in their infrastructure’s coverage. The interoperability that consolidation offers can eliminate false alarms and boost visibility, while working with security vendors to build a customized consolidated security package that fits your organization’s needs.
When it comes to consolidation, breaking down the major misconceptions can lead to a stronger, more cohesive security solution equipped to handle the rapidly changing threat landscape.
Want to learn more about consolidation and where to get started? Check out our eBook, “The Case for Security Vendor Consolidation.”