So, the question he poses to the security industry is: Why can't there be a MIDI for all the security products and solutions?
"Such a direct interface standard for cybersecurity – similar to what transformed the music world – could transform the security world as well and help enterprises reduce complexities, streamline processes and provide direct value back to the business through better visibility and insight."
Erik Avakian, CISO, commonwealth of Pennsylvania
Isaac Kohen, CEO at Teramind, agrees that consolidation would streamline operations and simplify security protocols. When he first entered the industry, programming black-box trading algorithms, IT norms were to prohibit and lock out as many people as possible to protect data, he says. But, he soon found that this was an ineffective way of solving the issue because it made the task too difficult for many people.
"Vendors can simplify their tools and services for adopters while keeping their security strong via consolidation and automation," says Kohen. Using consolidation techniques, vendors can offer robust and interconnected tools that offer a bird's-eye view with easy drill down, he says. "Security professionals need quick insight into risk and security incidents, and consolidation allows them to avoid looking at multiple reports to get their answers."
Additionally, Kohen says that automation is a key benefit for today's adopter. For example, machine learning-based detection algorithms, automated and real-time notification, and automated reactions to misuse and potential breaches simplify everyday tasks and most importantly offer immediate intervention, he says
Other experts point to the infiltration of consumer devices into the enterprise as both an improvement in efficiency, but also a risk to security. Certainly the past 10 years have seen the rise of the “consumerization of IT,” the idea that consumer technologies are now finding their way into enterprises.
As a consequence, Dirk Morris, chief product officer at Untangle, says employees have come to rely on the ease-of-use and the power of BYOD devices, cloud services and social media, and naturally, they don't want to check these tech tools at the door.
"Most organizations have already had to come to terms with the security challenges introduced by this trend, but many have also adopted consumer tech as a way to save money, increase business agility and improve productivity," says Morris (left). "In the process, they have shifted their fundamental perceptions as to what is an acceptable level of complexity when it comes to technology deployments."
This trend is reflected in the demand for simple, but powerful, security products that present a comprehensive solution for the whole stack of cybersecurity challenges, he explains. "In the below-enterprise market, this has resulted in the introduction of multi-function firewalls or unified threat management systems that can tackle not only an array of network security threats, but also handle a range of other services – including web security, email security, bandwidth shaping and traffic monitoring."
With the explosion of IoT devices, Morris says that he expects to see continued convergence – and simplification – with even tighter integration between network and endpoint security, as well as a host of adjacent technologies from threat intelligence to SIEM.
The cloud's silver lining
Despite moves for integration, many solutions lacks the means to communicate with each other. However, with the advent of the cloud and its mass acceptance, some see a silver lining.
In today's ever-evolving technology landscape, security has become a very fragmented space, says Neill Feather, president at SiteLock. "It's challenging for businesses to find a single security vendor that can address all of their security needs. However, there are clear leaders in the endpoint and web application space."
For security providers looking to simplify their services and drive adoption, Feather recommends they operate as a “one-stop shop” for their customers. "Not only this, but providers need to make sure their services are easy to implement and intuitive to manage internally. Cloud-based security solutions provide customers with easy on-boarding and flexibility – eliminating the use of any external hardware and dramatically reducing expense."
Should an attack or breach occur, offering a clear remediation path will become even more essential, Feather says.