Network security is undergoing a continuous transition. One of the key organizational drivers is consolidation, Gartner VP Analyst John Watts pointed out at this week’s Gartner Security & Risk Management Summit.
The analyst firm has been tracking this trend for a number of years where network security vendors are consolidating and customers are demanding fewer suppliers. “This convergence of the two sides — supply and demand — is changing how network security is delivered.”
“What we found in our survey data was that the main reason why security teams want to consolidate is to simplify operations, and long-term lower the overall total cost of of operations,” he added.
This trend is evident in the rise of secure access service edge (SASE) solutions. The 2024 Gartner CIO and technology executive survey showed roughly 40% of respondents said they had deployed or will deploy SASE within 24 months.
“That is a large number. It’s one of the top technologies year over year on the radar for our CIO and technology executives, which is interesting because it’s not the CISO audience, so this is an effort often driven by the infrastructure and operations (I&O) teams where they’re combining networking and security together,” Watts told SDxCentral.
But consolidation isn’t a one-size-fits-all solution. Organizations are grappling with several key issues, including the struggle with multiple security consoles and controls, lack of visibility, the battles of native vs. third-party solutions and best-of-breed vs. consolidation.
“What we see is a dynamic where customers have a lot of vendors, sometimes it’s procurement driven, once it’s consolidated to strategic vendors. Then that’s the scenario where the CISO has to negotiate and explain why they need additional third parties to complete their security posture. And other cases the CISOs may want to consolidate for simplifying operations.”
The future of network security consolidation
The “right” approach depends on the organization’s specific needs and risk tolerance. However, Watts summarized four ways that organizations can consolidate and get fewer vendors or technologies, including the following:
- The platform approach: Platforms such as SASE and web application and API protection (WAAP) offer single-team ownership and centralized management and visibility. Vendors like Palo Alto are consolidating their product lines into a smaller number of platforms, while encouraging customers to adopt more features or products from these focus areas.
- Single-vendor convergence: This approach can streamline the purchase and management of different product lines and multiple management interfaces with bundled licensing. It involves multiple teams on the customer side.
- Multivendor convergence: For those who prefer a best-of-breed approach, multivendor convergence provides integration from different vendors with multiple teams and owners and different management consoles. It can be applied in areas such as network detection and response (NDR), extended detection and response (XDR), microsegmentation, and API Security.
- Cybersecurity mesh architecture (CSMA): Gartner defines CSMA as a collaborative ecosystem of tools and controls to secure a modern, distributed enterprise. This approach maintains best-of-breed, but it’s all integrated on the back end through a data plane that coordinates between different tools, including policy and configuration, identity fabric, and security intelligence.
Watts recommended organizations pick a strategy aligned to their security needs, identity consolidation and convergence impact both good and bad on business and network security, adopt flexible licensing models, and build cross-functional teams across I&O, security, cloud and application silos.
Image: Gartner VP Analyst John Watts. Credit: Gartner.
This post was originally published on the 3rd party site mentioned in the title of this this site