Since the 1950s, the
Cavendish banana has dominated the world market. Its thick skin makes it easy
and stable to transport, and its flavor and seedlessness give it broad appeal.
But the Cavendish banana’s lack of seeds is fast becoming its downfall. Without
seeds, the Cavendish banana cannot reproduce naturally. It must be cloned. This
lack of genetic diversity in the world banana crop has resulted in a monoculture
that leaves the Cavendish incredibly vulnerable to disease. Indeed, banana
plantations are rapidly succumbing to a fungus known as Tropical Race 4 – a new
strain of the Fusarium fungus that wiped out the Gros Michel, the banana that
dominated the world before 1950.While the woes of the
Cavendish and the Gros Michel before it bear obvious lessons for global
agriculture, they also carrying a warning for the cybersecurity industry: lack
of diversity can make everyone more vulnerable to threats.An industry ripe for
consolidation?
Ask any analyst,
reporter, or financial observer, and they’ll tell you that the security market
is ripe for consolidation. For years, security vendors have proliferated,
buoyed by high valuations and ever-expanding enterprise security budgets. While
this rush to innovate has resulted in better and more sophisticated threat
defenses, it has also created a complex web of tools which already overworked,
overwhelmed, and understaffed security teams must manage.This tool sprawl is one
reason that so many in and around the security industry believe that an era of
consolidation is coming. According to ESG Research, 66 percent of
businesses are actively working to consolidate their security portfolio.But it’s not the only
indicator. A recent spate of acquisitions have amplified the M&A hype.
Splunk acquired Phantom, BlackBerry acquired Cylance, Cisco acquired Duo and
more recently, Verizon and Comcast made forays into the market with the
purchase of ProtectWise and BluVector, respectively.An Appealing PropositionFor many in the security
industry consolidation holds a lot of appeal, and they cite the cloud industry
as a perfect example of what consolidation can offer.A decade ago, cloud was
the newest, hottest market. Definitions were loose and valuations were high.
But as the market has consolidated, it has stabilized around three major
players — AWS, Azure, and Google Cloud Platform (GCP) — each of which has its
own constellation of associated vendors. It has created continuity and
consistency, and made it easier for organizations to plan an intelligent
migration strategy.So the thinking goes:
consolidation worked in the cloud, why not in security? After all, security
vendors today claim they do just about everything. Why not leverage
a security platform that encompasses everything, offering a one-stop-shop, silver-bullet
solution for enterprise security?Why Not? Because that’s
bananasLet’s go back to the
Cavendish for a moment here. Monoculture might have made it incredibly easy and
cheap to grow billions of bananas to feed global demand, but it also proved to
be the banana’s Achilles heel. Rather than having to adapt itself to a variety
of banana genes, the Tropical Race 4 fungus only had to figure out one.Now apply that logic to
cybersecurity. If every organization uses an identical or nearly identical set
of security tools, breaking into one means breaking into them all. And once
threat actors figure out how to break in once, they’ll have the keys to every organization.
Just like Tropical Race 4 is burning through the Cavendish banana population, a
single cyber threat could take down a vast number of organizations.In the case of
cybersecurity, heterogeneity of defense systems is itself a defense.Have your bananas and
eat them tooAt this point, you might
be starting to think this is a zero-sum game. Either suffer an endless
proliferation of security tools, or adopt a homogenous security framework that
potentially exposes the organization to greater risk. The good news is that,
with some organizational collaboration, you can have your bananas and eat them
too.For security teams,
collaborating with other parts of the IT organization can actually improve
security posture and reduce tool sprawl. Increasingly, we’re seeing customers
take a cross-functional approach to tool consolidation, looking at how various
IT operations tools can be leveraged by security, and how security tools can be
used by IT operations. In this case, consolidation can mean reducing the number
of tools used across the entire organization, rather than relying on the security
industry to merge into a one-size-fits-all solution.This collaborative
approach also creates opportunity to leverage other parts of the organization
to improve security posture through smarter processes and practices. While
DevOps and IT Ops may never be threat hunters, their domain expertise may well
provide insight and understanding that can improve overall security operations.Some Final Food for
ThoughtConsolidation is
positioned as the inevitable route in security — but it doesn’t mean it’s the right route.
In security in particular, diversity and innovation are themselves some of the
strongest defenses we have. We should continue to foster and encourage the
upcoming generation of healthy cyber start-ups, and look for cross-functional
ways to integrate next-generation technologies.There are too many strong vendors. There’s too much market need. And there’s too much progress to be made. We need more bright, forward-looking minds working to solve today’s cybersecurity challenges – not fewer. Just ask the bananas.Jeff Costlow, Deputy CISO, ExtraHop
Research from Ipsos, commissioned by Optus, indicates that one in three Australian small businesses have experienced a cyber incident, yet many remain underprepared.
Regional security operations centers generate between $1.1 million and $2.6 million annually, cyber clinics up to $150,000 annually, and state cyber corps between $1.4 million and $7.5 million each year.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
