As the cybersecurity decision-maker (i.e., CISO), I’m assuming you get vendor calls daily aching for a few seconds of your time to quickly get the elevator speech off their tongue before you have the chance to say “…no thanks.” There are only so many hours in the week; how do we choose which vendor gets our time? My experiences have proven it lies in building partnerships with a handful of cyber solution companies that can cover your entire footprint. One company providing 70+% of your footprint rounded out with a ‘few’ other key solutions.
Based on comments I heard at a recent CISO delegation, the scenarios still exist where assessments show companies using over 100 different security tools and in some cases, unaware of all products owned or what they’re used for. I’m sure you remember in past years the ‘so-called’ industry experts said diversify, many vendors and products, don’t put all your eggs in one basket. Everyone agrees layered security is the best approach, which requires a level of diversity, leading to multi-vendor solutions. But do we really need 100+ different products in our security footprint? We must balance the need for wanting to try latest and greatest tools and managers hitching on to vendor lines…“we’re the best”…without researching the product and trying them in our labs, vs. the cost for licenses, on-going support, future product relevancy/existence, and resource attrition. Companies are developing cyber solutions that effectively cover cloud, network, mobile, endpoint, and application security needs. And where they are not best-in-class on some solutions (i.e., the endpoint, for instance), you can fill that solution with another vendor. CISOs realize the 100+ tool model is unsustainable in today’s world (lack of funding and available resources), and you’ll now find this message at pretty much any seminar these days.
Ok …message has changed for the better, now where do CISO’s find ‘their’ set of solutions? VARs (Value Added Resellers) will tell you to partner with them, “…we’ll bring you the right solution.”They have experts, and yes, this is an option. But I’ve proven it’s not the best. Not only are you at the mercy of partnerships, profit margins, and bias; more importantly, they are not developing the solutions. My experiences have proven we must partner directly with the company(s) developing the code. They don’t just ‘have’ experts….they ‘ARE’ the experts. These companies ‘are’ the labs, every day assessing the latest vector threats, and developing mitigating solutions. The key players I have in mind have been developing (or acquiring in some instances) solutions for the past 20+ years, and continually evolving from a single cyber solution shop to a full spectrum cyber software solution provider. This is your play, and they need to hear from you! You must get to know their C-level staff, product managers, and developers, and get involved in their roadmaps. Ask tough questions, get in the weeds on what each module in their security product suite can do, and let them know where yours and their gaps exist. This last item is key! It’s how you move from having 100+ solutions to having a few. A cyber solution provider is going to move on your gaps for three reasons:
Firstly, you must tell them! Show passion about the subject, how certain solution adjustments could stop you looking elsewhere for that specific cyber protection.
Secondly, be serious about working with them. Dollars do talk, but both sides need to be serious. Quality has to be in their DNA. You’ll only know this by having multiple conversations with their C-levels, Product Managers, and developers.
"The key players I have in mind have been developing (or acquiring in some instances) solutions for the past 20+ years, and continually evolving from a single cyber solution shop to a full spectrum cyber software solution provider"
Thirdly, join their early development programs. This gets you into the ground floor of their roadmap, influencing product strategy; a natural maturation to filling gaps.
In summary, an AI engine must be your endpoint AV solution, PAM is an absolute if you’re serious about protecting server access and related data, and NAC is critical for network protection. These items are table stakes for any suitable security footprint and often come from different vendors. When discussing mobile, endpoint forensics, network visibility, advanced threat protection, cloud security, and application container security, there are big players with large cybersecurity product suites covering most of these items, one dashboard you might say, and able to partner with you and develop their roadmap based on industry and customer needs. Find the one that wants to partner with you, let the ‘phone ring’ with the other vendors who aren’t interested in building that long-term relationship, listening to your needs. It requires rolling up your sleeves, in-depth requirement and roadmap discussions, building relationships with their staff (entire vertical), then finding a VAR you trust to help grow that relationship with the actual cyber solution company.