Magnum Consulting analyst Frank J. Ohlhorst
James Chappell, CTO and co-founder of threat intelligence firm Digital Shadows, believes collaboration has been evolving in areas such as skills, standards and threat intelligence.
“Vendors in the information security sector recognize that very few technologies can be viewed as the 'one paracetamol for all headaches' – no vendor is an island,” he tells CSO.
“Security is such a broad topic and requires investment in a range of capabilities, rather than a single one. This means that naturally there is an eco-system of product areas that relate to each other. For example, we work closely with internal security monitoring and incident triage systems so that the alerts that we create and the services we provide can augment and enhance the incident-response process.”
Raj Samani, CTO of Intel Security and Europol adviser, is perhaps less convinced on the levels of collaboration between vendors, although he is heartened by the closeness which now exists between vendors and security agencies in bringing down criminal infrastructure.
“There have been unprecedented levels of collaboration,” said Samani, pointing to US law enforcement working groups and Europe’s European Cybercrime Center (EC3), which have worked with private sector firms to launch operations again criminal groups.
“It’s certainly moving in that direction whereby we’re seeing vertical alignment, product interoperability, and better collaboration [between] the public and private sector.”
Plenty of areas to collaborate, but interoperability a distant dream
In many ways, vendor silos are to be expected in a security market which analysts expect to grow to $170 billion by 2020.
Technology providers naturally look to differentiate their products around their unique features, while the ever-changing security landscape means that solutions, standards and even protocols can come and go almost overnight.
And yet despite this need for specialization, there is a clear recognition from industry that traditional security products need better interoperability to improve end-user protection. There is awareness now that traditional security products, such as firewalls and IDS systems, can’t stop increasingly complex attacks alone.
The leading vendors are looking at collaboration, through API integration and SaaS and cloud-based business models to improve interoperability. API integrations, in particular, allow for the exchange of threat, vulnerability or security event data information across different products.
Nik Whitfield, CEO at big data analytics software provider Panaseer, says his firm integrates data from Qualys and Symantec. “Historically, security vendors have done little to support clients in joining the dots between security systems.
“Indeed, some considered this a threat to their business. However, the vendor ecosystem is becoming more integrated as enterprises realize that viewing a security tool in isolation is meaningless, and only a joined up picture across all defenses will give them the context-rich picture they need.
Sign up for CIO Asia eNewsletters.