Analytics

11/12/2014
10:45 AM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Better Together: Why Cyber Security Vendors Are Teaming Up

Alliances, mergers, and acquisitions are ushering in an era of unprecedented "co-opetition" among former rivals for your point solution business.

Chief Information Security Officers have been grumbling for some time about the perplexing abundance of cyber security point solutions and the lack of integration among them. Enterprise security departments often need to buy a separate solution per threat or vulnerability. In many cases, these newly introduced solutions don’t communicate with one another, and, worse, they tend to require security teams to log on to multiple, vendor-specific management consoles maintaining dozens of point solutions, each targeted at a niche gap within a comprehensive defense strategy.

We agree with the CISOs on both counts: the need to consolidate resources and the claim that, historically, vendors have done little to "play together." However, we also believe that in 2014 there has been increased cooperation and partnership among cyber security vendors to the point that the CISOs’ concerns are finally being addressed, albeit gradually.

Understandably, the cyber security industry has followed the progression of most enterprise technology sectors:

  • First, there’s innovation scattered across hundreds of isolated startups.
  • Then, there’s healthy competition for the customers’ mindshare and budgets.
  • Finally, the economies of scale kick in and drive vendors to collaborate through partnership and consolidation.

This year, for example, we have seen the formation of the Cyber Threat Alliance, founded by Fortinet, McAfee, Palo Alto Networks, and Symantec to work together in good faith to improve defenses against advanced cyber adversaries by sharing with each other their most recent threat information. Concurrently, Check Point announced a similar alliance with a number of vendors, including iSIGHT Partners, CrowdStrike, NetClean, PhishLabs, and others. In this case, threat intelligence from vendors is natively integrated into Check Point’s ThreatCloud security intelligence infrastructure in a way that customers can simply “turn on” intelligence feeds from non-Check Point vendors with the click of a mouse.

Earlier this year, Hewlett Packard introduced HP Threat Central, a collaborative security intelligence platform that lets security vendors exchange threat data, analysis, and mitigation strategies in order to battle threats as an industry. Arbor Networks was one of the first vendors to participate in HP Threat Central by delivering intelligence about DDoS, malware, and botnets that threaten Internet infrastructure and network availability. In fact, Arbor Networks formed its own global threat analysis network, dubbed ATLAS, and secured more than 300 ISPs, which have agreed to share anonymous traffic data.

Also during 2014, the market witnessed partnerships occurring between cyber security software companies that wanted to make it easy for their customers to concurrently use solutions from separate vendors. For example, now Sophos Mobile Control is fully integrated with Check Point Mobile VPN so that customers can have network access control for any mobile devices attempting to use the corporate network. And Tenable is now integrated with ThreatGRID for better malware detection. There are many other such alliances that have been formed across the industry.

The most aggressive form of integration among cyber security vendors has come in the form of mergers and acquisitions, which have been undertaken partly with the goal of offering customers more comprehensive security suites of integrated solutions that work seamlessly together. For example, FireEye, which detects and blocks attacks, acquired Mandiant, a company providing cyber incident response services, for $1 billion. It then bought nPulse, a provider of network forensics. Palo Alto Networks, a provider of next-generation firewalls, spent $200 million to acquire Cyvera, which developed cyber defense products preventing remote attacks on Microsoft-based servers and end-points. Then there was the acquisition of incident response provider NetCitadel by email security company Proofpoint, and the acquisition of incident response developer Carbon Black by endpoint security provider Bit9. Lastly, Cisco acquired a cyberthreat intelligence company, ThreatGRID.

In summary, while we agree that, so far, cyber security vendors have been almost entirely inwardly focused and concerned predominantly with pushing their own solutions, this year we have witnessed a turning point in which many vendors realized that addressing customers in unison with pre-integrated solutions can increase sales for everyone. Integrated solutions are easier for customers to buy and operate. They simplify and expedite buying decisions, and represent more formidable competition versus solutions that are more difficult to onboard harmoniously.

In the year ahead and going forward, we foresee increased collaboration among cyber security vendors as an accelerating trend that will help the industry combat the villains. In the long run, if cyber security companies fail to cooperate, they risk facing growth challenges and may damage the industry’s momentum -- a losing proposition for all.

Yoav Leitersdorf and Ofer Schreiber are Managing Partner and Partner, respectively, at YL Ventures, which invests early in cybersecurity, cloud computing, big data, and software-as-a-service software companies, and accelerates their evolution via strategic advice and Silicon ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Yoav Leitersdorf
50%
50%
Yoav Leitersdorf,
User Rank: Author
11/12/2014 | 10:02:15 PM
"Co-Opetition" Indeed
It is not easy to be a CISO (Chief Information Security Officer) at an enterprise these days.  Not least because enterprises are now experiencing a tsunami of cybersecurity attack vectors that is unprecedented in both the magnitude and variety of attacks.  New cybersecurity threat categories are constantly being created, resulting in the nonstop introduction of myriad point solutions – with hundreds of security vendors emerging every year.  Increased collaboration among these vendors is key to helping CISOs fight cybercrime thereby making cyberspace safer for all of us.  We are delighted to see "co-opetition" become one of the key cybersecurity industry trends of this year.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/12/2014 | 3:31:13 PM
Re: NSA, FBI, CIA...
I agree Marilyn. Everybody wins with collaboration. Obviously no one has unlimited resources to address big challenges.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/12/2014 | 3:24:00 PM
Re: NSA, FBI, CIA..
I would be surprised if NSA, FBI and CIA are not collaborating. They certainly share information.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/12/2014 | 3:22:05 PM
Collaboration
Collaboration amount vendors is a good news for us. Getting resources together and addressing the today's security issues is the way to go. No vendor standalone can really handle it properly.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
11/12/2014 | 2:34:08 PM
Re: NSA, FBI, CIA...
I think the fact that the cybersecurity vendors are collaborating is a big plus for enterprises  -- and hopefully -- will produce a more integrated and comprehensive defense against attackers. Go co-opetition!
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
11/12/2014 | 12:59:25 PM
NSA, FBI, CIA...
It kind of makes sense for these organisations to cooperate, considering they serve the same goals. Yes it's a little different than agencies working on a national level, but if it offers better security and doesn't compromise any ideals each of those individual companies have, then why not?
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20161
PUBLISHED: 2018-12-15
A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips (triggered by the motion sensor) are not saved if the attacker's traffic (such as Dot11Deauth) successfully disconnects the Sync Module from the...
CVE-2018-20159
PUBLISHED: 2018-12-15
i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a ".php" file within a "...
CVE-2018-20157
PUBLISHED: 2018-12-15
The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.
CVE-2018-20154
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses.
CVE-2018-20155
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.