Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Rethinking the Model for Cybersecurity Technology Innovation

The cybersecurity industry is at an interesting point in its evolution. Business is booming (Gartner expects global information spending to hit $113 billion by 2020), and the cybersecurity technology ecosystem is thriving for both large, established vendors with extensive resources and nimble, innovative startups.

The cybersecurity industry is at an interesting point in its evolution. Business is booming (Gartner expects global information spending to hit $113 billion by 2020), and the cybersecurity technology ecosystem is thriving for both large, established vendors with extensive resources and nimble, innovative startups. With market conditions like these, one would easily believe that a steady stream of new technological developments and eager cybersecurity entrepreneurs and developers are well-positioned to keep churning out innovations for another decade. But that hasn’t proven to be the case.

For example, if you look in even the most advanced network SOC today, you’ll see the same point solutions (antivirus, firewall, IPS, etc.) that security teams have been using for over a decade. While these products have evolved over time, the changes have been more iterative than innovative – hardly a strategy that will keep pace with the rate at which adversaries are evolving.

Traditional methods of creating, delivering and operationalizing security innovations have grown ever more complex due to a combination of several market factors:

Fragmented data stores: Even the best machine learning and artificial intelligence techniques rely on a critical mass of telemetry and threat intelligence to train their analytics engines, which is only available in bits and pieces from multiple sources, not to mention adding vendor sprawl, complexity and putting additional burdens on limited resources.

Increasing workflow complexity: Organizations must stitch together dozens of products to support use cases across threat identification, analysis, prevention and mitigation. Each new deployment increases complexity, restricts automation and puts a high burden on limited human resources, resulting in lower security outcomes.

Need to rapidly consume new security capabilities: Attackers constantly innovate, and organizations must be able to rapidly adjust their security capabilities to detect and prevent successful cyberattacks in a highly agile, automated and instrumented way, without deploying new infrastructure that needs to be purchased (Capex) and managed (Opex). 

We need to rethink the way we design, adopt and deploy new security innovations. We need security solutions that can support hundreds of use cases and applications, not just a few. And there needs to be a better way for tomorrow’s cybersecurity innovators to deliver and deploy the next disruptive security applications. In short, we need a new consumption model for security.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Funding/M&A

Identity and access governance vendor Saviynt has closed a $205 million financing round.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

ICS/OT

Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

Incident Response

Created and maintained by MITRE, MITRE D3FEND is a framework that provides a library of defensive cybersecurity countermeasures and technical components to help organizations...

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.