Dive Brief:
- CIOs are experiencing a cybersecurity anomaly. Nearly 9 in 10 organizations had a breach in the last year, according to a Vanson Bourne survey of 1,000 IT leaders commissioned by service provider Logicalis Group. Half of respondents said they overinvested in security technology while the same proportion admitted they don’t fully use features they’ve paid for.
- Complexity was a major challenge. More than half of respondents said they struggled to patch existing systems and 51% reported lacking access to adequate security tools.
- “After more than a decade of security spending on point solutions, the research findings show this patch approach isn’t delivering value for money and is actually the source of more problems,” said Bob Bailkoski, Global CEO of Logicalis, in a press release.
Dive Insight:
While the IT community is fixated on demonstrating a return on AI investments, tech executives are also focused on another ROI problem: getting their security spend to pay off.
Despite devoting budget to point security products to bolster defenses, enterprises haven’t seen threats diminish, Logicalis found. Identifying security gaps remains elusive, with only 58% of respondents reporting confidence in their ability to do so.
A proliferation of point security products was borne out of a necessity, as IT footprints and threat landscape evolved, but it’s come at a cost, according to Fernando Montenegro, VP and practice lead for cybersecurity at The Futurum Group.
“In terms of procurement, [CISOs] are still very much after product effectiveness — they want to buy things that work,” he said. “But that’s quickly followed by, ‘How well does it integrate with what they already have?’”
Complexity has led some customers to seek a more consolidated, comprehensive security approach, turning to strategic vendor partners and asking if they can do more, Montenegro said.
Meanwhile, IT providers are breaking out of product silos, rounding out their offerings through strategic acquisitions and integrations. Google scooped up cloud security platform provider Wiz for $32 billion in March and security vendor Palo Alto Networks bought Protect AI, which focuses on securing AI and machine learning systems, last week.
For tech executives, a platform approach to security can simplify the procurement process. Consolidation can also bring cost savings and a deeper relationship with vendor partners. There are potential tradeoffs to consider, such as vendor lock-in, according to Montenegro.
“In the broader scheme of things, you might be OK with lock-in if it’s going to accelerate your business overall,” he said. “But that’s a decision every CIO has to make, every CISO has to make.”
