“Cybersecurity platform” continues to be an industry buzzword. Vendors talk about it at industry events, and many analysts. But can every vendor claim to offer a platform and also be credible? More importantly, how does that help your business? The security industry has evolved by responding to emerging threats with new, shiny tools, resulting in many disparate tools. Most organizations (over 60%, according to ESG research) are looking to consolidate security vendors. This trend for fewer tools is also showing better results. A recent Cisco CISO Benchmark Study cited organizations with fewer vendors saw less than 5,000 alerts per day versus 10,000 alerts (over 66% of organizations). Teams were able to focus on more important work like remediation and those with less than 10 vendors had higher average response rates. But fewer vendors can mean fewer management consoles reducing the complexity. Fewer siloed vendors may be a step to a cybersecurity platform. It seems to be a driver for a platform approach or integrated architecture, as suggested by a customer in the Cisco report.
“If we can reduce the vendor footprint and have a more integrated architecture, that helps us significantly. I would rather have more automation on the back-end through an integrated architecture than having to slap something on top of it and write some new scripts to bring it all together.” —Cisco CISO Report 2019
What is a Cybersecurity Platform?
ESG Research dug deeper into this platform appeal by surveying organizations to learn their desire for a cybersecurity platform and what the top attributes for this platform are. The attributes help provide a definition of a cybersecurity platform and fall into three driver buckets: Must Be Comprehensive, Make It Simple, and Embrace the Cloud.
How Does McAfee Stack Up?
This is a good list to use to evaluate if you are looking to take a cybersecurity platform approach. McAfee reviewed the ESG criteria to test our platform approach and found that we are 100% on target. See the results in the ESG paper McAfee’s Enterprise-class Cyber Security Technology Platform.
Core to the McAfee platform is industry-acclaimed McAfee ePolicy Orchestrator. There’s also the mature and proven messaging fabric, Data Exchange Layer (DXL), which connects and optimizes across security functions and provides real-time threat intelligence to the entire security ecosystem. Our customers agree—watch our video about Prime Therapeutics. They are detecting threats and correlating data with McAfee ePO, DXL, McAfee Threat Intelligence Exchange, and McAfee Active Response.
Who Are the Platform Players?
Looking at the attributes, not all vendors can meet the criteria. Most security vendors offer just one distinct security tool. Offering a platform requires a vendor to have an integrated portfolio and/or willingness to easily integrate with other security functions. If they do match the criteria, you can dig deeper to find a few “gotcha” items.
Most organizations believe that taking a platform approach for their cybersecurity will yield higher efficacy and stronger operational efficiencies. These metrics can translate into better business outcomes like saving $1 million when an organization can respond efficiently to contain a cyberattack within 30 days of a data breach (IBM Cost of Data Breach Study 2018).
McAfee has held the position for years that security working together is better. Comment below with your cybersecurity platform perspective.