COMMENTARY. If you are a member of the security team in charge of defending a network, you are probably accustomed to working with a technology stack composed of hardware, software, and data from dozens of different sources.
Consolidating and joining this data can be complex and difficult for customers, but it has become status quo in the technology industry.
Everyone knows that if you want a functional technology stack, you need to invest a significant portion of your budget in a variety of overlapping tools and services, and then be prepared to invest a substantial amount of time on an ongoing basis to make the information relevant and useful for your own business.
With technology designed to improve areas of operational management within a business, progress happens incrementally, according to the amount of time and budget that the business can invest.
Improvement is linear, and the risks are fairly minimal for businesses that choose not to adopt every new technology the moment it is introduced.
As an industry, it's time to address the disconnect within the cybersecurity ecosystem to ensure that our technology is working more effectively for the network defense teams that use our products.
The Case for Tighter Collaboration In its current incarnation, you could make the case that players in the cybersecurity vendor ecosystem have no incentive to cooperate.
Like many technology vendors, cybersecurity providers are often publicly traded, and therefore held to ambitious growth goals with respect to their market share and profitability.
The way the ecosystem works now, many technology vendors charge a premium for their products to interact or integrate with other products.
It's not uncommon for those technology vendors to charge one another, or charge the customer more to access the integrated version.
Vendors will occasionally neglect their integration ecosystem in the event that they might want to enter an adjacent market at some point in the future.
Security teams are often pulling in data from technology vendors that don't trust one another, and therefore have to do a great deal more work to make the tools and information usable in a timely fashion.
Another complication is that buyers and sellers of technology often put too much faith in large research firms that have a vested interest in perpetuating the status quo, rather than supporting innovation or collaboration within the industry.
The United States has the greatest number of cybersecurity technology vendors and business competition within this space is not likely to cease any time soon.
Shared ontologies, vocabularies, formats and frameworks will go a long way toward correcting some of the issues currently faced by our customers with regard to integrating various technologies.
Customers need to start demanding tighter integration, and technology vendors need to take steps to improve the integration between our hardware, software and data.
The list is vendor agnostic and informed by many excellent sources, including the US Intelligence community.
The National Institute of Standards and Technology provides good documentation and recommendations about broad topics like cryptographic strength systems, architectural and configuration best practices, and so forth.
Optimize for joint customer wins using the technologies your customers are already buying.
Ultimately, cybersecurity technology vendors need to do a better job of collaborating for the sake of the organizations that utilize our technology.
This Cyber News was published on www.darkreading.com. Publication date: Thu, 16 May 2024 21:50:26 +0000