The Perils of Platformization – Source: securityboulevard.com

Estimated reading time: 8 minutes

#TLDR

CISOs continually have to choose between best of breed security vs Platformization and further consolidation of vendors. The emergence of ERP tools presented a similar choice and most ERP projects have ended up as expensive failures. Open Integration is a better alternative today. Cloud providers are driving security products towards use of standardized interfaces, (encompassing findings, logs) and streamlined marketplaces (akin to app stores). Security data lakes and SIEM tools are at the forefront, enabling integrated “XDR” analytics. Increasingly, GenAI is seen as able to democratize the interpretation of data and analytics from best of breed tools for security engineers.

At Symmetry, we believe an integrated best of breed portfolio or “Cybersecurity Mesh” as Gartner refers to it will outperform Platformization in innovation and scale, much like a robust app store would outperform a single vendor mobile device with Blackberry-only applications. 

CISOs should focus on how to maximize the value from your investment in security tools by understanding the overlaps, gaps and opportunities in your security capabilities; and where there are potential overlaps, evaluate the effectiveness of platforms and future investments in delivering the security outcomes needed right now – not future capability.

Introduction

CISOs increasingly think they face a pivotal choice between Best-of-Breed Vendors or a Security Platformization Strategy. Whether you refer to it as “Best-of-Breed vs. Best-in-Suite” or “Platform vs. Point Solution”, it is a debate that started in the ’90s with the advent of enterprise resource planning (ERP) software. There are clear advantages and disadvantages to either approach that are well documented as outlined in Note 1.¹  The adoption of single vendor ERP platforms was likewise driven by the need to reduce complexity, leverage commonalities, unify data, and minimize management overhead.

 A lot can and should therefore be learned from the failure of historical ERP deployments, where the onus was placed on the vendor to reduce the burden of integration across related systems.

Lessons Learned From ERP

Without doubt, ERP was the first real platformization approach – focusing on merging point solutions into a single platform. Before then, every back office application stood as a finely tuned point solution, meticulously designed for specific back-office tasks, be it accounts payable, payroll, or taxes. In the mid-’90s, ERP software emerged, integrating various complementary functions into a single solution and providing a unified insight to management. Customers were tired of trying to merge insights from across these systems themselves and looked to ERP platforms to solve this for them. While the theoretical benefits of tightly integrated ERP platforms are obvious, the practical realization often falls short.

Most ERP systems expanded capabilities through acquisitions, and likewise struggled to integrate themselves – leading to poorly digested integrations with more specialized systems with different code bases and often different approaches to data management. This resulted in serious integration and version-control issues, coupled with a user experience that frankly sucked. The exact same problems that platformization was attempting to address. Acquisitions that focused on code compatibility and similar data management were vastly more successful.

The approach to acquisition first and then engineering effort to enable the planned integration also had a profound impact on innovation—it essentially stifled it. Larger companies invested significant resources in post-acquisition and integration activities rather than innovating themselves, smaller more nimble companies continued to innovate independently and create more demand for M&A to keep pace. The cycle perpetuated, with promising smaller firms getting acquired and their creations attempted to be assimilated into the ERP offering.

The consequence of this acquisition and integration cycle was a set of ERP platforms that evolved into complex and costly platformization projects, posing significant challenges to manage and maintain with no choice to innovate, except through further acquisition.

What Has Changed Since Then?

Integration Has Become Easier

Since the advent of ERP systems, a confluence of technological advancements has laid a roadmap for better integration and adoption of best-of-breed solutions from multiple vendors. Central to this transformation is the widespread adoption of API-based architectures, providing standardized interfaces that facilitate seamless communication between diverse software applications. This has significantly alleviated interoperability challenges, allowing organizations to integrate specialized and innovative tools, including security with unprecedented ease. 

Nowhere is the rate of innovation driven by open integration more noticeable than in the realm of mobile app stores. These ecosystems, flourishing under the influence of API-based architectures, exemplify the advantages of encouraging developers to build on standardized hardware with open integrations. Mobile app stores have become vibrant marketplaces where diverse applications, each excelling in its specialized domain, seamlessly converge. This approach contrasts starkly with the trajectory of companies like BlackBerry, which experienced a decline due to its closed ecosystem reliant solely on BlackBerry-designed apps. The contrast between these two models underscores the transformative power of fostering an environment that promotes collaboration, interoperability, and the integration of best-of-breed solutions from various developers, ultimately shaping a landscape rich in technological diversity and continuous advancement.

The introduction of generative AI has potential to further accelerate this process by expediting the understanding and integration of outputs from a spectrum of security solutions. AI algorithms now play a crucial role in interpreting and harmonizing data, fostering a cohesive and unified security ecosystem.

Standardization of Infrastructure

Moreover, the standardization of infrastructure-as-a-service (IaaS) capabilities, offered by hyperscale cloud providers like AWS, Azure, and GCP, has created a common ground for deploying and managing diverse best-of-breed solutions. These cloud providers not only offer standardized infrastructure but also leverage cloud marketplaces, streamlining the entire process from purchasing to implementation. Cloud marketplaces provide a centralized hub where organizations can discover, procure, and deploy a variety of security solutions. This streamlined approach not only simplifies the procurement process but also enhances the integration of best-of-breed tools into existing security architectures. In essence, these collective advancements empower organizations to build a dynamic and responsive security infrastructure that seamlessly combines the specialized strengths of individual solutions, all within the flexible and scalable environment offered by cloud platforms.

Dominant Security Platforms and Solutions Focus on Single Assets

You may very well argue that dominant security platforms have emerged in the security space, and platformization is the vendor strategy of choice. Security platforms like CrowdStrike, Snyk, Palo Alto Networks and Okta.  But so have best-of-breed solutions like Duo or Thinkst Canary. The key to both? These successful platformization strategies have been most focused and most effective across asset layers as highlighted in Figure 1 below. Alternatively success has been found with integration of data from multiple layers to enable an integrated process flow and customer experience. There are clear leaders in each asset category, as a result.

Shifting Threat and Economic Landscape Focuses CISOs on Value

The contemporary threat landscape and economic outlook has obviously redefined the CISO’s challenge. CISOs need to focus more on optimizing the value of their cybersecurity spend than before. They are judged on the effectiveness in managed risk, in the face of pressure on budgets.  The debate between single vendor or multi vendor approaches has really become less important than optimizing the investment.  The question on most CISO’s minds is therefore where to focus their investment. At Symmetry, we believe that place is no longer on your perimeter network. Nor on your devices but where your most important asset “data” is at its most vulnerable “identity”.

The impact of the Shifting Landscape

It’s clear that this is no longer a debate between multi-vendor best-of-breed vs single vendor security platforms. A single unifying platform that is able to keep pace with the threat landscape not only seems unlikely. Instead judging by history of ERP and other single vendor platforms destined to quash innovation that cybersecurity desperately needs. Instead the focus should be on how to maximize the value from your investment in security tools. This requires CISOs to : 

• delineate the lines between complementary, but slightly overlapping series of products/platforms to maximize the benefits of existing benefits using something like the Cyber Defence Matrix²
• Evaluate the effectiveness of platforms in delivering the security outcomes needed. Can it identify, protect, detect, respond and help recover from security threats to the asset layer it is protecting?  

Along these lines, the integration between best of breed platforms emerges as the future, shaped across key asset layers. This shift is driven by the need to reduce complexity, leverage commonalities, and unified data, and minimizing management overhead. Technology consolidation spans multiple security capabilities, signaling a significant transformation in cybersecurity strategies.

Conclusion

It is clear that a lot has changed since the first ERP deployments that has transformed this decision from one designed to reduce the burden of technical integration on customers to one where CISOs can avail themselves of the best solutions with the same unified benefits of a single platform with less vendor lock-in and increased speed of innovation. These changes include:

• The emergence and use of API-based architectures and generative AI to enable seamless and easier integration across vendors;
• The standardization of underlying infrastructure and particularly data stores to make it easier to use common data models across applications; 
• The emergence of dominant cybersecurity platforms focused on a more resilient approach to Cybersecurity rather than just prevention; and
• Shifting threat and economic environment putting greater emphasis on the value rather than just cost.

The outcome is clear to us. Focus on how to maximize the value from your investment in security tools by understanding the overlaps, gaps and opportunities in your security capabilities; and where there are potential overlaps, evaluate the effectiveness of platforms and future investments in delivering the security outcomes needed right now – not future capability.

The post The Perils of Platformization appeared first on Symmetry Systems.

*** This is a Security Bloggers Network syndicated blog from Symmetry Systems authored by claude.mandy. Read the original post at: https://www.symmetry-systems.com/blog/the-perils-of-platformization/