I am seeing many security vendors developing products to unify solutions into a single management interface. I fear this is just a sales tactic to gain greater market share and not intended to help the plight of CISO’s
A recent article from ComputerWeekly highlights a vendor sponsored report that concludes forthcoming unified solutions are greatly desired by CISO’s and will be embraced by the industry. I am suspect that although the survey data is likely accurate, the overall conclusion is flawed.
Managing many cybersecurity products is a major headache and of course every CISO wants a magic ‘single pane’ to access all the solutions, but the industry has evolved to this state for very good reasons. There is no ‘silver bullet’ security solution that gathers data and protects everything, therefore multiple products are needed. Unfortunately, each one has their own interface.
When cybersecurity vendors begin creating a cross-vendor integrated unified solution (insert marketing buzzwords), they invariably pay more attention to the smooth integration of their products as compared to others for an up-sell opportunity. That is the moment the model breaks as the whole purpose is to keep the best tools and not be forced to one vendor just because they have some level of extensibility with other platforms. I see these as thinly veiled attempts to boost sales and not a real attempt to benefit the customer in supporting multi-vendor architectures.
I would rather see an open standard, solution agnostic, industry direction where security vendors would support open formats (ex. what STIX/TAXII has done for threat intelligence exchange) and connect via API’s to configurable integration platforms.
CISO’s should be able to benefit from a common management interface that supports the ability add/remove all the best solutions over time.