For the longest time, we’ve been told that the best defence against cyberattacks is a defence-in-depth (DID) strategy, which involves using independent layers of security controls so that a failure in one doesn’t impact all the others.
Today, enterprises will likely have multiple layers of security piled on top of one another, spanning network, perimeter, application, endpoint security, session, human, presentation and transport layers. Countless point solutions are available for each layer.
According to a Ponemon Institute Cyber Resilient Organisation Report, businesses deploy 45 cybersecurity tools on average to protect their networks and systems. Having so many solutions doesn’t guarantee 100% protection. The report noted that businesses that use more than 50 cybersecurity tools register an 8% decline in threat detection effectiveness and a 7% decrease in defence abilities.
One of many – the security protection conundrum
The business of protection is complex. A 2021 Statista survey listed the 15 most common categories of security solutions deployed by organisations. With new malware born every minute, it should come as no surprise that new solutions, and new security vendors, are also proliferating on the back of new threats. Closing the circle, regulations and frameworks are being developed in response to these discoveries, both threats and solutions.
Conceived by the National Security Agency (NSA), defence in depth is the concept of protecting a computer network with a series of defensive mechanisms such that if one mechanism fails, another will already be in place to thwart an attack.
Years after its inception, the information security industry has spawned a market estimated at US$150 billion in 2021. McKinsey estimates that at the current rate of growth, damage from cyberattacks will amount to US$10.5 trillion annually by 2025.
At the recently concluded CPX APAC 2024, one of the ideas presented was the concept of security as a platform. The premise is that, given the spiralling complexity of the threat landscape and, with it, the solution sprawl growing out of the security industry, the CISO and security team will not be able to cope adequately with the situation.
Reflecting on discussions with customers, Check Point’s Eyal Manor, VP of product management, says organisations acknowledge the cybersecurity challenges they face, often experiencing firsthand the repercussions of breaches, from costly incident responses to strained relationships with customers and regulatory bodies.
“They struggle to fill security positions and manage the complex array of security solutions available,” he adds. “It's not just about telling a story; it's about showing that the story walks and demonstrating that our solutions deliver tangible results.”
What is platformification
Ron Shevlin is said to have coined the term platformification and referred to it as a plug-and-play business model that allows multiple participants to connect to it, interact with each other, and create and exchange value.
In the context of information security, Manor defines a platform as addressing two critical challenges faced by organisations globally: escalating threat levels and the overwhelming fragmentation of the security landscape.
The exponential rise in threats like ransomware and data breaches has intensified the pressure on CISOs, leading to stressful situations and increased turnover. He adds that the security industry's fragmentation exacerbates the problem, with countless solutions flooding the market in response to emerging vulnerabilities.
“There can be a new vulnerability today, and tomorrow we have 8 startups fixing the problem,” he opines.
Revisiting best-of-breed’s value proposition
The original notion of best-of-breed is the ability to bring together solutions and practices from at times competing experts to meet the enterprise’s requirements. Operationally, this is not ideal because it introduces complexity in the management of the different parties that an enterprise is sourcing to solve specific requirements. It also leaves the organisation potentially holding the bag when an incident occurs.
Is best-of-breed still relevant in cybersecurity in 2024?
Manor has observed a shift away from the best-of-breed approach towards a more streamlined best-of-suite or platform model. “While best-of-breed solutions have their merits, the proliferation of vendors—up to 70 in some cases—can lead to inefficiencies and increased vulnerability to breaches,” he reveals.
“Today, few C-level executives prioritise managing such a large vendor ecosystem. Instead, they lean towards centralised platforms that offer comprehensive security solutions.”
He cautions, however, that this doesn't mean compromising on quality. “We rigorously test and benchmark our solutions against third-party tests and fierce competition, ensuring they provide top-tier security while also prioritising simplicity over the allure of best-of-breed functionality,” he says, reflecting Check Point’s approach to the situation.
The road to security consolidation
Consolidating to a handful of experts to solve the complexity of security has its appeal. But the security stack is complex, and investments have been occurring for years, if not decades. Manor acknowledges that any consolidation will not occur overnight.
“In this rapidly evolving landscape of innovation and emerging threats, CIOs and CISOs must focus on two critical questions.
“Firstly, they need to assess the effectiveness of their security measures in meeting regulatory requirements, industry standards, and internal policies, all while considering resource constraints.
“Secondly, there's a crucial need for education regarding the importance of threat prevention. Many still associate it with negative impacts on user experience or business continuity.
“We must dispel these misconceptions and emphasise that threat prevention is paramount,” he posits. “By educating stakeholders and implementing gradual deployment strategies, we can ensure that security measures are both effective and seamless, without compromising performance or usability.”