What Is Cybersecurity Platformization?

Why Is Cybersecurity Platformization Gaining Momentum?

Cybersecurity platformization is a strategic response to this complexity. It’s the move from a collection of disparate point solutions to a single, unified platform that integrates multiple security functions.

Dickson describes it as the “canned integration of security tools so that they work together holistically to make the installation, maintenance and operation easier for the end customer across various tools in the security stack.”

This approach has been gaining momentum over the past seven to 10 years, driven by organizations weary from managing the integration of different security tools. A point solution approach leaves security teams managing application programming interfaces for dozens of tools from different vendors, a task that becomes Herculean if vendors break the integrations when they update their APIs.

“Vendors are very motivated to make sure their stuff works with their stuff and not so motivated to make sure their stuff works with other stuff,” Dickson says.

DISCOVER: Here’s a cyber resilience strategy that supports success.

The Hidden Costs of Managing Disconnected Tools

The most significant hidden cost of a fragmented, multitool security strategy is labor. Managing disconnected tools is a resource strain on an organization, as it requires individuals with specialized skills for each tool.

This includes the labor-intensive task of managing API integrations and manually coding “shims,” or integrations to translate data between different tools, which often have separate protocols and proprietary interfaces, Dukes says.

Beyond the cost of personnel, there’s the operational complexity. “Analysts do not want to have to have multiple screens up, with multiple windows, trying to look at one data source, open it and then try to actually make sense out of it,” he says.

The proliferation of AI tools in cybersecurity is bringing this to a head, Dukes says, because “it’s going to speed up a lot of the analysis that needs to be done.”

Additionally, there’s the cost of licensing from multiple vendors, with each one likely to increase prices. The more vendors an organization uses, the more difficult it is to get beneficial pricing, notes Dickson.

Click the banner below to read the recent CDW Cybersecurity Research Report.

Key Benefits of a Platform-Based Cybersecurity Strategy

One of the most immediate benefits of adopting a platform approach is cost reduction. This includes not only the reduction in licensing fees but also a reduction in the operational complexity and the number of specialized employees needed. As Dukes says, “I can actually reduce head count and use tools to make up the difference for that.”

Another key benefit is the well-worn concept of a “single pane of glass,” a single dashboard that enables IT security teams to have easier management and reporting. Instead of multiple tools with different interfaces and data formats, a unified platform streamlines everything into a single, cohesive view.

Additionally, platformization offers significant advantages in data management and storage. Many platforms, like Microsoft Sentinel or CrowdStrike, offer free storage for their native logs and telemetry. This can deliver major cost savings, as vendors often charge organizations more to store data from third parties.

Another benefit of platformization is enhanced threat detection for organizations, because a single platform can consolidate data from multiple sources and perform first-level analysis on it. This allows for a more holistic view and correlation of potential threats, using data from different sources, such as endpoint detection and network-based data collection. Disconnected point solutions can’t do this because they’re not informed by data elements from other sources.

FIND OUT: Why identity and access management can simplify data privacy and compliance.

This consolidated approach also leads to a more efficient and accurate threat response. The platform can perform analysis at a much greater speed than humans manually moving data back and forth.

Tools that natively talk to one another require “less gymnastics” to get them to interact, Dickson says, so there’s a tendency to have better mean time to detection (MTTD) and mean time to remediation (MTTR).

This aligns with the perspective of Jon France, CISO at ISC2, a security certification organization, who says platformization “benefits from the gestalt effect, when the whole system, viewed as a single entity or a single pane of glass, is more effective than the sum of its individual parts.”

“In essence, when things are consolidated into fewer places and combined, we can get valuable insights from the combined data and signals,” he adds.

What to Look for When Evaluating Cybersecurity Platforms

When evaluating a platform, CISOs, CIOs, CTOs and other IT leaders must shift their focus from tactical best-of-breed criteria to a more strategic, outcome-centered approach, experts say. 

As Dickson suggests, instead of asking if a tool has the best EDR or detects the most malware, IT leaders should focus on how the platform will impact MTTD and improve MTTR.

Here are some key factors to consider:

• Company pedigree. Look at the company’s history and reputation, Dukes says. Has it been in the security business for a significant period of time, and is it still innovating?
   
• AI integration. Assess how well the company has already integrated AI into its product, Dukes notes. Many platforms already use AI to provide automated analysis and dashboards, which can make the problem more scalable.
   
• Scalability. Understand how the offering will scale as your business changes. Leaders need to know that a digital transformation won't suddenly cause a huge, unexpected bill, Dickson says.
   
• Time-to-value. How long does it take to get the platform installed and delivering value? In today’s fast-paced environment, organizations need solutions that can be implemented and show value in a short amount of time, sometimes even in a day, Dickson says.

However, the benefits of platformization also depend on the skills of the cybersecurity workforce. “Our research found that 90% of cybersecurity professionals report skills shortages, and 64% say skills gaps are a greater challenge than staffing shortages,” France says.

AI (34%), cloud security (30%) and zero trust (27%) are the top areas of shortage, he adds: “This ties into platformization since organizations can’t fully realize the benefits of integrated platforms without the people who have the right skills in place to interpret the data effectively.”

Ultimately, adopting a platform approach is a strategic, long-term decision. It’s a migration, not a one-time purchase. By focusing on these key factors, organizations can choose a partner that will help them navigate this complex journey and achieve a more secure and efficient cybersecurity posture.