The increasing volume and sophistication of cyberattacks over the last few years have resulted in millions of dollars of investments in new cybersecurity startups, in more and more security tools created by cybersecurity companies and in huge investments in these new security solutions by enterprises.
To try to get a handle on all these new tools, enterprises have needed to invest in more and more security employees to deploy, manage and analyze the security data being generated, creating what we call a “big data problem.” An enormous investment in time and money managing these growing security forces naturally followed.
Although some will not admit it, these investments have by and large generated chaos where we need clarity and clumsiness where we need agility.
Although all security vendors and service providers are trying to innovate and develop new solutions that are more successful thwarting advanced threats, if we look at the success rate of attackers vs. dollars spent by the defenders, it seems that attackers are still innovating at a faster pace – the mouse seems to be scurrying faster than the cat in this cat and mouse game.
Here’s the crux of the problem: new security tools and features represent incremental innovation, not paradigmatic changes. True innovation in cybersecurity would mean a “zero to one” change, or, in other words, a real “value innovation.”
A true value innovation in today’s cybersecurity arena should include three things:
• Simplicity in a world of complex, slow and static defense architectures
• A nimble, adaptive and programmable security apparatus (as opposed to a new product or product improvement)
• The ability to utilize crowd intelligence seamlessly
Zero to one innovations would mean that defenders put the cat ahead of the mouse, i.e., create security solutions faster than the attackers do, independent of security vendors.
In today’s market, more does not mean better. We need innovation that makes more of what the industry already has by turning what we have into what we need.
One key to achieving zero to one innovation can be found in “Security Abstraction.”
When a system reaches a certain level of complexity, it needs to be simplified in a way that will allow it to scale. Systems become convoluted when they include many components with different capabilities, speak in different languages, and are integrated with each other in complicated ways. Abstraction is a key capability required for simplifying this complexity and enabling this type of scalability.
A few very successful examples of abstraction technologies helping other industries include smartphone operating systems (e.g., Android, iOS), which in just 5-6 years transformed the entire industry by simplifying the development of apps (which are often very complex); website design platforms (e.g., Wix), which enabled advanced websites to be created simply; and software-defined data center (SDDC) platforms, which abstract networking components in order to simplify them, creating smarter networks with more business value.
The bottom line: less is more. Security abstraction can simplify existing security infrastructure, allowing it to be much more flexible, adaptive and quick to react against any type of attack, making sure that in this perennial cat and mouse game, the mouse, aka the hackers, will ultimately be the loser. A zero to one innovation!