There are hundreds of security vendors across the security stack. You have providers for cloud, email, network and endpoint security, as well as threat, malware and DDoS protection, among phishing and whaling protection, insider threat detection and a whole lot more.
The trouble is, a huge number of these solutions don’t ‘play’ well with one another, with this often making life difficult for security teams adopting these technologies. At the same time, these same teams are expected to keep up with an ever-changing landscape and criminals who innovate faster than most Fortune 500 companies.
Magnum Consulting analyst Frank J. Ohlhorst captured this collaboration issue perfectly in an opinion piece last year.
“IT security has become one of the most complex elements of a modern IT environment, requiring layers of protection, along with advanced analytics to block attacks, halt intruders and secure data. Nonetheless, the current layers of security fail at times, often due to a single vendor approach to creating those layers of security.
“Naturally, vendors are not all to blame, except for the fact that a lack of collaboration and technology transfer among those security vendors effectively creates silos of protection, regardless of the number of layers installed.
“Simply put, the threats of today are larger than any one vendor, meaning that the isolation of security technology must become a thing of the past.”
Collaboration is idealistic, but required
Security professionals, however, believe that vendors are largely moving in the right direction with collaboration, primarily because it is the ‘right thing to do’.
“Idealistically, my response is [collaboration] is what you should do to make systems as secure as they can be,” says Pete Wood, CEO of penetration testing outfit First Base Technologies.
“[Collaboration] greases the bumpy road of building systems out of multiple vendor products," he said.
“Compared to a few years ago, there is a lot more collaboration between vendors,” Alienvault security advocate Javvad Malik tells CSO Online.
“At a technical level, this is seen where many vendors have opened up their platforms with APIs to allow transfer of data. On the research side, many vendors have collaborated to investigate, identify, and even disrupt threat actors.
Operation BlockBuster last year is a good example of this, which saw Novetta group leading a coalition involving AlienVault and Kaspersky’s global research and analysis team. Operation Blockbuster was an alliance between multiple security suppliers to disrupt numerous cyber-espionage campaigns that had been active for a number of years, targeting financial firms, media houses and manufacturing companies
Simply put, the threats of today are larger than any one vendor, meaning that the isolation of security technology must become a thing of the past.
Sign up for CIO Asia eNewsletters.