Defending enterprises against the growing frequency and complexity of cyberattacks is becoming an ever-increasing burden to cybersecurity budgets and manpower. An ESG enterprise-class cybersecurity technology platform white paper commissioned by McAfee shows CISOs have “reached a tipping point where the current cybersecurity point tools are no longer acceptable.” Current high-cost, complex strategies using disconnected point tools aren’t working and CISOs are abandoning their collection of cybersecurity point tools in favor of a consolidated, integrated approach.
ESG reports that consolidation is wide spread and growing – 22% of organizations are actively consolidating the number of cybersecurity vendors they do business with on a large scale while 44% of respondents are consolidating the number of cybersecurity vendors they do business with on a limited basis. ESG expects this trend to gain momentum over the next 12 to 24 months.
In response to this consolidation trend, more service providers are attempting to market their disparate tools as a platform. According to the ESG white paper, “Industry hyperbole has led to user confusion about what qualifies as a cybersecurity technology platform.”
Based on ESG’s survey findings, the following eight key attributes should be included in all RFIs/RFPs and become part of every cybersecurity technology platform:
Prevention, detection, and response capabilities. CISOs expect cybersecurity platforms to provide strong defensive capabilities (i.e., rules, heuristics, machine learning models, behavioral algorithms, threat intelligence integration, etc.) capable of blocking and detecting threats with close to 100% efficacy. When threats are detected, cybersecurity platforms should average low false positive rates and provide concise forensic evidence that enables analysts to track events that led to an alert. Cybersecurity platforms should also include simple mitigation techniques such as quarantining a ..