Is cybersecurity vendor consolidation worth it? Here are the pros and cons
Know the facts before making big changes to your cybersecurity solution stack.
According to a survey conducted by TechTarget’s Enterprise Strategy Group™ (ESG), 63% of organizations currently leverage more than 25 unique cybersecurity products. While keeping dozens of solutions in your toolbelt may help keep your organization safe, it can also weigh you down with tremendous management burdens, inconsistent support SLAs, and spiraling renewal costs.
At a glance, the solution seems obvious: consolidate your cybersecurity vendors to simplify management and reduce costs. But without careful consideration, consolidation could inadvertently increase your exposure to dangerous cyberthreats and security breaches.
Before you make sweeping changes to your solution stack, it’s important to know both the benefits and disadvantages of cybersecurity vendor consolidation.
The case for cybersecurity vendor consolidation
As Shakespeare famously wrote (not really), “To consolidate, or not to consolidate? That is the question.” The answer is entirely unique to each organization – because where you start in your consolidation journey will ultimately influence where you’ll end. Consider how vendor consolidation can help you with the following:
1. Reduce the impact of the cybersecurity skills gap
As approximately 600,000 cybersecurity jobs sit empty (with that number expected to grow in the coming years), your expansive security solution stack has likely become a point of contention with your talent acquisition teams.
On one hand, these solutions inform what kind of talent you need to join your InfoSec, IT administration, and cybersecurity teams. On the other hand, having to monitor and manage dozens of solutions makes it virtually impossible to find applicants with experience across your entire solution suite.
By consolidating your cybersecurity vendors, you reduce the number of technologies and platforms your teams need to specialize in – making it easier to find applicants who make a great fit for your organization. After all, what good are your 20+ cybersecurity solutions if your IT staff lack the skills to leverage half of them?
2. Improve visibility over your environment
Seldom are multivendor cybersecurity environments managed under a single console. When subsets of your security stack are sequestered to different consoles, you create visibility silos that prevent you from getting a holistic view of your environment.
By consolidating your cybersecurity vendors, you can reduce the number of management consoles you use – making it easier to paint a fuller picture of your security posture.
3. Lessen your management burdens
According to a recent survey conducted by Checkpoint, a majority of organizations cited the following as their biggest cybersecurity challenges:
- Adequately training staff (66%)
- Setting and managing policies (53%)
- Dedicating manual labor for inadequate integrations between solutions (51%)
It’s no wonder why – with dozens of solutions in your environment, often with minimal or unoptimized interplay between them, managing your cybersecurity stack can be migraine-inducing at best.
When you consolidate your cybersecurity vendors, you lessen the inoperability between your solutions, making it easier to skill teams according to your needs, set organization-wide policies, and integrate solutions into as few platforms as possible.
The case against cybersecurity vendor consolidation
Vendor consolidation isn’t always a rosy tale of success. In fact, according to Palo Alto, large cybersecurity vendors have a history of doing too little too late to address new threats.
Without proper diligence, increasing your reliance on a select few vendors could actually make you less secure – even if your intent was the exact opposite.
1. Having fewer vendors weakens defense-in-depth strategies
Just as you may rely on a UPS battery backup to keep the lights on during a power outage, so too may you rely on your multivendor environment to keep your organization secure if one or a few of your solutions go down. This strategy of maintaining redundant defensive measures is known as “defense-in-depth.”
As you pursue vendor consolidation, you may end up weakening your defense-in-depth strategy by removing redundancy and forcing yourself to endure a single point of failure. If your solutions experience unexpected downtime, sourcing them all from the same vendor can rapidly make the failure systemic, leaving entire departments within your organization defenseless until functionality is restored.
2. Legacy architecture makes consolidation incredibly difficult
For many organizations, multivendor solution stacks aren’t the result of a deliberate deployment strategy, but rather years of software sediment. SHI’s Field CTO Dave Gruver said it best:
“Over time, applications build up like sediment. A new tool comes out, and you buy it without removing your old tool. After years and years, you finally stop to look at your solution stack and find a ton of layering and overlap.”
But because your architecture has spent years – if not a decade or more – relying on the same aging technologies, removing them for the sake of consolidation can be catastrophic. Critical systems can go down, must-have applications can lose function, and years’ worth of policies and protocols and be lost.
3. Not all solutions benefit from consolidation
While efficiency and efficacy are primary drivers for vendor consolidation, some solutions are actually more flexible when they operate separately.
Two examples, according to Stellar Cyber, are SASE and XDR. While most organizations may want their SASE and XDR solutions to function together, about half of Stellar Cyber’s survey respondents found they function more efficiently when kept distinctly separate but interoperable.
When planning your potential cybersecurity vendor strategy, it’s important to avoid blanket consolidation. Instead, determine which solutions work best as part of a unified platform – as well as those which don’t.
Do what’s best for your unique needs
No matter what path you take, it’s important to remember your cybersecurity vendor journey is wholly unique to your organization. Consolidation is a sweeping, often all-encompassing endeavor that, when done right, can reduce costs and increase efficiency. But if done too hastily and without proper research, you could expose your organization to cyberthreats and unwanted risks.
When determining your next steps, it’s important to weigh the pros and cons of vendor consolidation:
- You can reduce the impact of the current cybersecurity skills gap.
- You can improve visibility over your environment.
- You can decrease platform management burdens and increase operational productivity.
- Consolidation can threaten your defense-in-depth strategy.
- Consolidating legacy architecture can be prohibitively difficult.
- Some solutions function better unconsolidated.
Luckily, SHI and Palo Alto make it easy to weigh the benefits and disadvantages of cybersecurity vendor consolidation. Our industry experts recently collaborated for SHI’s “Solve what’s next” webinar series, discussing the many ways vendor consolidation can improve – or be detrimental to – certain aspects of your business. You can access the on-demand recording for free.
View our webinar, Streamlining security: The pros and cons of vendor consolidation to gain unparalleled insight for your vendor consolidation journey.