RSAC 2024: A 'mindset shift' in cybersecurity industry as vendors prioritise integrations
The message from customers — that they expect security products to work well together — is increasingly being acted upon around the industry, top vendor and solution provider executives told CRN
Cybersecurity vendors are putting more emphasis on meeting the needs of customers through integrating effectively with products from other vendors, reflecting a noteworthy change in attitude around much of the industry, top vendor and solution provider executives told CRN US.
While the security industry still has much further to go, the signs of the beginnings of this shift were everywhere during the RSA Conference in San Francisco, executives said.
The concept of alliances between security vendors is certainly not new. But according to top executives such as Proofpoint CEO Sumit Dhawan, the motives for integrating are different now than in the past, with a greater focus by vendors on responding to the customer demand for unified platforms.
Previously, "as players in the cyber [industry], we typically have worked in an arm's length approach and done very selective integration for convenience," Dhawan said in an interview with CRN US.
However, major cybersecurity vendors "are now doing integrations for the purpose of delivering the best customer value — which is different than doing integrations for convenience, for adding capabilities into your product," he said. "That's a shift in the industry that I'm seeing."
The arguably long-overdue development comes in response to a convergence of many of the big trends in the cybersecurity world: Customer and partner struggles over tool sprawl and complexity, the shortage of talent needed for managing tools and the urgent needs from multiple directions to bolster security.
As a result, an increasing number of vendors are seeing that the demand for consolidating tools into a unified platform can also be answered by closely integrating with others in the industry, according to Sanjay Beri, co-founder and CEO at Netskope.
"I think there's a pragmatic middle ground of realising that nobody should have just one platform for security and networking. Instead, let's have a few [platforms], and we integrate," Beri told CRN US. "I think it's a bigger theme."
Reducing tool fatigue
When it comes to vendor integrations, tool fatigue and the need for rationalisation of security products among customers "is really driving that further," said Bill Young, managing partner at Optiv.
"That means that now we don't want to have a bunch of disparate little tools running around. We need to have things that are working together," Young said. "So I feel like the narrative — ‘How do I fix the tool sprawl from the industry?' — has become a question of, ‘How do I make [tools] more valuable by integrating with the rest of the ecosystem?'"
Ultimately, "that's why I think we're seeing a lot more of that integration conversation," he said. "It's that, ‘If I don't play nice with the other tools, then I'm just an island — a tool that's going to get dropped.'"
While many vendors on the packed show floor at RSAC 2024 touted integrations rolled out recently, the week of the show itself also saw an array of new alliances announced.
The general availability launch of CrowdStrike's Falcon Next-Gen SIEM, for instance, saw integrations unveiled with dozens of vendors including Netskope, Zscaler, Proofpoint, ExtraHop, Trellix and Palo Alto Networks.
Data engine provider Cribl unveiled a pair of integrations, with Microsoft and Wiz, which CEO Clint Sharp said reflects the massive demand from customers for different tools to link up together.
"What we're seeing in the marketplace is, enterprises want the best of everything across all the categories of security," Sharp told CRN US.
Just ahead of RSAC 2024, meanwhile, Orca Security and Aqua Security announced a new partnership and integration, in spite of the prior rivalry between the cloud security vendors in a number of areas.
Currently in the cybersecurity industry, "there's good co-opetition," said Securonix CEO Nayaki Nayyar.
"Yes, we want to compete for sure," she said. "But there's also integration and partnerships that are becoming much, much closer."
Customers have ‘been pretty clear'
At Trellix, which supports more than 500 integrations with other vendors, CEO Bryan Palma said that customers have shown again and again that "they don't want a bunch of siloed, proprietary systems."
"I think we're long beyond where that's appropriate," he told CRN US. "We should be listening to customers. They've been pretty clear about that."
Netskope's Beri said it's apparent that even the industry's prime example of a vendor that offers security capabilities in nearly every category, Microsoft, is now "more open to integrating" than in the past.
"Many of these [vendors] realise that, ‘You know what? The world wants us to play well with everybody for the betterment of the customer,'" he said.
For Proofpoint, Dhawan said the "mindset shift" in the cybersecurity industry has been evident as his company has worked with some of the other biggest players to enable their tools to integrate effectively amongst each other.
"When we are reciprocating with CrowdStrike, with Palo Alto [Networks], with Okta and others in the industry, we're seeing the same degree of interest from them to do that," he said. "I truly believe it is [a major shift]. I think it's something that the security industry has to, and is starting to, learn."