Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Rethinking the Model for Cybersecurity Technology Innovation

The cybersecurity industry is at an interesting point in its evolution. Business is booming (Gartner expects global information spending to hit $113 billion by 2020), and the cybersecurity technology ecosystem is thriving for both large, established vendors with extensive resources and nimble, innovative startups.

The cybersecurity industry is at an interesting point in its evolution. Business is booming (Gartner expects global information spending to hit $113 billion by 2020), and the cybersecurity technology ecosystem is thriving for both large, established vendors with extensive resources and nimble, innovative startups. With market conditions like these, one would easily believe that a steady stream of new technological developments and eager cybersecurity entrepreneurs and developers are well-positioned to keep churning out innovations for another decade. But that hasn’t proven to be the case.

For example, if you look in even the most advanced network SOC today, you’ll see the same point solutions (antivirus, firewall, IPS, etc.) that security teams have been using for over a decade. While these products have evolved over time, the changes have been more iterative than innovative – hardly a strategy that will keep pace with the rate at which adversaries are evolving.

Traditional methods of creating, delivering and operationalizing security innovations have grown ever more complex due to a combination of several market factors:

Fragmented data stores: Even the best machine learning and artificial intelligence techniques rely on a critical mass of telemetry and threat intelligence to train their analytics engines, which is only available in bits and pieces from multiple sources, not to mention adding vendor sprawl, complexity and putting additional burdens on limited resources.

Increasing workflow complexity: Organizations must stitch together dozens of products to support use cases across threat identification, analysis, prevention and mitigation. Each new deployment increases complexity, restricts automation and puts a high burden on limited human resources, resulting in lower security outcomes.

Need to rapidly consume new security capabilities: Attackers constantly innovate, and organizations must be able to rapidly adjust their security capabilities to detect and prevent successful cyberattacks in a highly agile, automated and instrumented way, without deploying new infrastructure that needs to be purchased (Capex) and managed (Opex). 

We need to rethink the way we design, adopt and deploy new security innovations. We need security solutions that can support hundreds of use cases and applications, not just a few. And there needs to be a better way for tomorrow’s cybersecurity innovators to deliver and deploy the next disruptive security applications. In short, we need a new consumption model for security.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Madhu Gottumukkala has been named Deputy Director of the cybersecurity agency CISA.

Wendi Whitmore has taken the role of Chief Security Intelligence Officer at Palo Alto Networks.

Phil Venables, former CISO of Google Cloud, has joined Ballistic Ventures as a Venture Partner.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.