IT and security teams have too many tools. According to Gartner’s 2020 CISO Effectiveness Survey, 78 per cent of CISOs have 16 or more tools in their cybersecurity vendor portfolio, and 12 per cent of CIOs have 46 or more tools. Working with too many security vendors can result in teams being inundated with alerts, too many interfaces to interact with, and unnecessary complexity, writes Ed Stirzaker, VP Northern EMEA at the cyber firm Forcepoint.
With this in mind, it’s perhaps no surprise that Gartner’s 2021 Top Security and Risks Trends revealed vendor consolidation is one of the top tech trends of the year.
What is vendor consolidation?
Vendor consolidation is a supply management strategy that has increased in popularity over the last decade, whereby a business reduces the number of vendors it works with down to a small group of companies.
Over time, large companies can amass an array of cybersecurity services and tools, often from previous relationships, investments or acquisitions of other companies. Individual departments, geographic regions or business units can find themselves using different tools to accomplish the same tasks. It’s therefore not hard to see how this could get complex very quickly.
Many businesses look to consolidate as a way to reduce costs, streamline operations and reduce their blind spots. Some companies even offer integrated products to help organisations manage the number of vendors in its portfolio. However, reducing apps and services based on cost alone doesn’t mean all problems will be solved.
Added to this is the pressure of tightening budgets, streamlined teams, declining resources and of course, the COVID-19 pandemic. The pandemic has acted as a force-multiplier for business and cybersecurity leaders to make changes. In fact, Gartner recently found that nearly two thirds of companies are making “significant cuts” this year due to the pandemic.
Therefore, security teams need to start thinking differently about how to not only keep up with threats, but ensure their security operations have the necessary speed, agility and impact. This is why organisations must look at both app and vendor consolidation, based on the security needs of the business.
How can businesses manage consolidation?
However, consolidation is not a simple task. What should business leaders be looking for during this process? How do they evaluate the individual vendors and tools they’re using?
As the industry shifts to cloud-based approaches either built on SASE, Zero Trust architectures, or a combination of both, to ensure their consolidated three-year plan is also future-proof, security teams should look at five key steps to vendor consolidation:
1.Get visibility into what tools you have – the first step is to understand what tools and services your teams currently use to gauge the size of the problem.
2.Understand what value the tools provide today – the next step is to find out why these tools are in place in the first place. What value are they bringing to employees?
3.Engage with your vendors and understand where there might be opportunities to consolidate – Teams must then work out where there is potential overlap by engaging with vendors to understand where the opportunities are to combine tools. It’s also important to understand which vendors are willing to be a strategic partner and help drive down cost with you so the business can achieve its goals. Some hard decisions will need to be made at this stage, because you can’t keep all the tools!
4.Once you have decided on which vendors make sense to partner with, be open with them – Next it’s important to have an honest conversation with your vendors on what cost savings need to be achieved and how best to work together. By doing this, teams can set themselves up for success, and you should find that some vendors will come with you on the journey. My ultimate goal as a cybersecurity salesperson is to help my customer achieve his or her business objectives: and our services team can usually find a way to combine or shift product offerings to achieve those objectives!
5.Hold the vendor accountable – Finally, hold vendors accountable to the outcomes you wish to achieve and ensure that the vendor has built a delivery and support model that will ensure a successful consolidation for all parties.
There are clear benefits to tool and vendor consolidation. If done correctly, businesses will be able to feel the benefit of optimised operations, increased cybersecurity coverage and reduced costs, as well as set themselves up for success in the future. With the market still continuing to change and the shift to cloud platforms growing, now is the time to consolidate.
