Broadly speaking, unified security solutions allow enterprises to more easily manage and/or integrate the various products that make up their security environment. They come in two major categories: foundation, which foster integration within a single provider’s portfolio, and the next level, where they also facilitate integration with third party products.
Critically, unified security vendors need to embrace the concept of open integration and APIs to maximise buy-in from as broad a base as possible. For example, the Fortinet Security Fabric platform approach offers a huge number of integrations with third party solutions out-of-the-box. This ecosystem of complementary technologies and services provided by the alliance partners boasts a major benefit in that it helps customers gain more robust security provision and lower the total cost of ownership.
The reason why unified security is so interesting is because it is a rare example of a security topic becoming prominent due to customer demand. This is in contrast with the usual cycle, where solutions come to market on the back of either the evolving threat landscape (e.g. ransomware) or developments in technology (e.g. next generation endpoint).
Unified security is on the rise precisely because of the problems caused by the threat and technology-led nature of security product development. Incremental add-ons and product releases have contributed to security product estates becoming so complex as to be unmanageable. Indeed, some CISOs now regard their security estate as a risk itself, due to the lack of integration and visibility a multi-product environment creates. In response, enterprises are seeking solutions to cut through this complexity.
While there has long been anecdotal evidence of this trend, IDC now has a data point to back up this claim. According to IDC’s 2017 Western European Security Survey, this is becoming a critical factor in European product selection. Roughly one third of respondents make spending decisions based on how well a product integrates with other products in their existing environment (which also lets them retire products or consolidate vendors). For comparison, a further third select products based on price, and the final third on technical capability.
On the other hand, organisations today are increasingly looking to outsourced security service providers to provide both greater return on their security investments and cost reductions. Maintel’s managed security service, for example, delivers global threat protection, delivered from strategic unified security partners, with the 24x7 ongoing support and expertise required to enable the full spectrum of an advanced unified security solution.
Indeed, with the recent WannaCry and NotPetya malware attacks, more organisations are looking to managed security service providers (MSSPs) that offer integrated solutions that protect from both inbound and outbound threats to thwart today’s modern, blended threats.
By leveraging solutions that offer security-as-a-service, organisations can monitor the security integrity of their infrastructure while maintaining robust threat detection, end point security, log management and compliance, gaining a holistic view of their security posture.