Dive Brief:
Organizations that have consolidated security spending into integrated platforms have experienced improved cyber resilience and stronger operational efficiencies, according to a study released Tuesday by IBM and Palo Alto Networks.
Managing security stacks has been a struggle for organizations, which juggle an average of 83 different security tools from 29 different vendors, according to the study.
More importantly, the “platformization” model reduces the time it takes to identify and mitigate security incidents by an average of 74 days and 84 days, respectively, the study found.
Dive Insight:
The report takes a close look at a controversial push in recent years to consolidate security spending toward platforms that integrate multiple tools. The tradeoff is that this typically entails working with a single vendor. Enterprise security teams have increasingly complained of tool sprawl, where dozens of security tools are deployed across corporate IT networks and deluge security staff with false alerts as the volume of malicious cyberattacks become more powerful and harder to detect.
Best of breed and integrated should not be mutually exclusive, noted Karim Temsamani, president, next generation security at Palo Alto Networks. Both CIOs and CISOs are in alignment that companies need better and faster security outcomes, he said.
“It’s under-appreciated how much complexity the number of disparate tools and vendors puts on a security team to fully deploy, integrate and operationalize all of these capabilities, without having gaps,” Temsamani said via email.
The study also showed that organizations that platformized their spending generated four times greater ROI than non-adopters, even though the consolidated users spent less overall.
“In addition, the study noted security complexity and concerns can hamper an organization’s digital transformation efforts, often deterring innovation and experimentation,” Mark Hughes, global managing partner for cybersecurity services at IBM, said via email.
The IBM Institute for Business Value conducted the study with Oxford Economics, surveying more than 1,000 executives across 21 industries and 18 countries.
Major security firms such as Palo Alto Networks, CrowdStrike, Microsoft and others have found themselves increasingly competing for large enterprise customers, in a bid to get them to ditch more specialized vendors and instead consolidate their global security spending to a single security provider.
The competition spiral became an industrywide concern in 2024, as Palo Alto Networks aggressively pursued a strategy by offering deferred payments and other incentives to customers who consolidated their business on its platforms.
