- Forrester Councils
- Councils Overview
- log in
Posted by Rick Holland on August 18, 2013
Last year I wrote a blog post titled, “Incident Response Isn’t About Point Solutions; It Is About An Ecosystem." This concept naturally extends beyond incident response to broader enterprise defense. An ecosystem approach provides us an alternative to the cobbling together of the Frankenstein’esque security infrastructure that is so ubiquitous today.
Many of us in the information security space have a proud legacy of only purchasing best in breed point solutions. In my early days as an information security practitioner, I only wanted to deploy these types of standalone solutions. One of the problems with this approach is that it results in a bloated security portfolio with little integration between security controls. This bloat adds unneeded friction to the infosec team’s operational responsibilities. We talk about adding friction to make the attacker’s job more difficult, what about this self-imposed friction? S&R pros jobs are hard enough. I’m not suggesting that you eliminate best in breed solutions from consideration, I’m suggesting that any “point solution” that functions in isolation and adds unneeded operational friction shouldn’t be considered.
This ecosystem concept isn’t particularly new, but from a practical and operational reality it is just now bourgeoning. Over the past 18 months, we have seen the emergence of true integrations between endpoint, network security, network visibility and SIM solutions. FireEye, desperate not to be positioned as a point solution has led the way in this regard. In some cases, these third- party integrations have been more innovative than some of the internal integrations of the traditional “suite vendors.” The size and complexity of these suite vendors can easily stifle integration amongst a portfolio built upon acquisition. This must change.
So how do we go about putting point solutions out to pasture?
Longer term, integrations between two solutions are great, but we can do so much more. As Mr. Zero Trust, John Kindervag says, “Management is the new back plane.” We need robust orchestration of our defenses, and vendors who enable this will standing at the top of the hill. APIs are a key component of the ecosystem play, and you can expect continued focus on them. Fellow analyst and XML co-creator Eve Maler, is going to help me define ways to measure APIs and their ability to enable ecosystems. Later this year, when I start my next Forrester Wave on web content security, there will be a significant focus on the integration/ecosystem capabilities of the solutions. I will also follow this blog up with a focus in the cloud implications of an ecosystem based defense. In the meantime, RIP point solutions, RIP.
Image Source: Stock.XCHNG
Lead BT Transformation
Develop customer-obsessed strategies to drive growth »
Forrester's CX Index
Predict how actions to improve CX will affect revenue performance.
Measure the customer experiences that matter most »