Elly Yates-Roberts |
Cybersecurity has a complexity issue. As security vendors continue to stock the metaphorical shelves with innovative new solutions that protect rapidly evolving infrastructures, many organisations have amassed unwieldly collections of security controls in their shopping carts. According to research conducted by ESG, more than half of organisations run 30 or more security tools. Though they may be best-of-breed solutions, these controls often don’t work effectively together or don’t fit into the context of an organisation’s security maturity, strategy and even personnel. It’s natural to think that more technology equals more protection, but growing complexity can often have the opposite effect by dragging down security and IT teams as they spend more time and resources on managing tools than they do fighting the adversary.
Therefore, convergence and consolidation are crucial moving forward. Security vendors are moving towards new levels of built-in integrations delivered on top of well-architected platforms, thus offering security teams a path to consolidation. This consolidation is increasingly strengthening security controls while optimising operations – and it’s happening in all areas of security. Take email security, for example. While email security was originally thought of in terms of secure email gateways, it has evolved to protect against much more sophisticated threats like phishing, impersonation attacks, business email compromise attacks, post-delivery detonation and brand exploitation, to name a few – thus creating mini platforms of value around email security. As these mini platforms progress, security architects now have a path to combine best-of-breed security with converged platforms that can strengthen security posture while optimising and simplifying operations.
No one platform will ever provide every necessary control, so integration between platforms will remain critical. The burden falls on security vendors and partners to make this happen for the customer. Platform vendors must architect their platforms with integration in mind and develop relationships with other core security platform providers. This can lead to out-of-the-box integrations and the creation of an ecosystem that offers security teams a fast and effective means of implementing an integrated security architecture.
Mimecast has architected such a platform. Through our industry-leading open application programming interface program, we’ve partnered with dozens of the world’s industry leaders, including Microsoft, in related security and computing disciplines to construct a purpose-built, cloud-first mini platform that’s also integrated into the larger ecosystem. For organisations, this frees up valuable time once spent on handling multiple solutions, consoles, and recurring security orchestration, automation and response issues, thus reallocating resources to tackle the most pervasive threats.
Jules Martin is the vice president of ecosystem and alliances at Mimecast
This article was originally published in the Spring 2021 issue of The Record. To get future issues delivered directly to your inbox, sign up for a free subscription.