Even With No Recession, Smaller Firms Aim to Consolidate Security Tools

  /     /     /  
Publicated : 23/11/2024   Category : security


Even With No Recession, Smaller Firms Aim to Consolidate Security Tools


Small and midsized companies work to jettison some security tools to simplify operations and reduce cost, even as any economic downturn continues to remain at bay.



Enterprises are not the only organizations looking to consolidate their security tools and vendors in the face of a potential economic slowdown — small and midsized businesses are looking to reduce their costs and simplify their security as well.
The vast majority (86%) of SMB customers using managed security service providers (MSSPs), for example, are aiming to reduce their current portfolio of security tools, according to a survey published this week by OpenText. The majority of those businesses are driven primarily by an effort to reduce costs (28%) or to simplify complex security environments (26%), the survey found.
Consolidation does not just benefit the company, but can help the provider of security services as well, says Geoff Bibby, senior vice president at OpenText Cybersecurity, a cybersecurity conglomerate.
Consolidation is two-fold, he says. Businesses are going to service providers because they dont have the staffing or financial resources to purchase and manage multiple tools, and from the service-provider perspective, fewer tools — and fewer vendors — means simplified billing and greater ease of doing business.
Consolidation of vendors has become a major trend following the rush to adapt to the pandemic-era business landscape by moving more services to the cloud. By mid-2022 — when
83% of companies predicted a downturn in the coming year
— three-quarters of companies planned to
reduce the number of security vendors
they used, up from 29% in 2020. The top strategies explored by companies were reducing non-essential spending (43%), re-evaluating vendors (30%), and decommissioning infrastructure (29%), according to
Spiceworks Ziff Daviss 2023 State of IT report
.
Efforts to cut costs remain strong, despite a reprieve in the dark economic forecast. A majority of economists (59%) polled in May
still predict
that the US would enter a recession in the next 12 months, but poor-performance predictions have remained unfulfilled as employment numbers and the stock market
continue to resist a downturn
.
This is the most anticipated recession that wont ever seem to arrive, and all of the data indicates that it might never arrive because none of the factors for recession seem to be there, says Jeff Pollard, vice president and principal analyst at market intelligence firm Forrester Research.
Yet while economic risks certainly spurred concerns over IT and IT-security budgets, initiatives to both simplify and reduce the cost of security operations inside companies has a life of its own, Pollard says.
If you go back ... to the heady days of growth just nine months ago or so, what I was consistently hearing from security leaders was: too many tools, too many products, he says. And it wasnt based on an economic argument. It was based on simplification of technology and portfolio rationalization — they felt like they had too many security controls and too many security products.
Business intelligence firm Gartner sees a similar picture. Most midsized enterprises (MSEs) — firms with $50 million to $1 billion in revenue and up to 2,500 employees — are looking to reduce the number of vendors, but rather than focus on consolidation, the companies are looking to optimize their security operations, says Patrick Long, an analyst with Gartner.
Such optimization generally focuses on two approaches. Outsourcing to service providers allows companies to overcome a shortage of security workers, because there are currently 21 IT employees for every security-focused employee, he says. Another form of consolidating is through the products, adopting all-in-one suites from a single vendor, which helps reduce licensing costs and can result in more holistic security capabilities, he says.
Currently, two-thirds of MSEs (68%) are pursuing security-vendor reduction strategies, while the remaining third have delayed consolidation but will likely simplify their security within the next three years, Long says.
They are optimizing their architecture and integration strategies, vendor management, workforce management, and their costs, he says, adding that current economic conditions influence security vendor consolidation but is not the primary driver for consolidation.
Reducing the number of security products is not easy. Licensing can often become a blocker, especially if a company signed long contract periods, and products from the same vendors do not always have seamless integration, says Forresters Pollard. In addition, any adoption of an integrated product will require a security team to learn the new system, so efficiency gains can take a while to materialize, he says.
When you buy a bundle and consolidate, in theory, the product will integrate well, but what I really hear from a lot of security leaders is that the cost savings, frankly, doesnt often materialize, Pollard says. Because what you wind up having to do is learn a new product, a new solution, and people have to get trained on it, so you have to modify your processes.
Yet companies are making headway. Overall, companies that pursue consolidation have seen IT security costs decrease by more than 2%, with data security costs reduced by a quarter and identity management shrink by more than a third, says Ben Pippenger, chief strategy officer at Zylo, a SaaS management platform.
There tends to be some redundancy within security categories, he says, pointing out the cloud identity and access management are among the top-15 most redundant software functions, with nearly five applications handling that capability in the average company.
While security is an important business function, its one that could still likely benefit from consolidation, he says.

Last News

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security

▸ Criminal Possession of Government-Grade Stealth Malware ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Even With No Recession, Smaller Firms Aim to Consolidate Security Tools