Security consolidation vs. security orchestration

A recent survey at the ISACA/RSA conference found that a third of organizations take six months or more to fill a cybersecurity position, and 10 percent can’t fill them at all. This chronic shortage of cybersecurity professionals is exacerbated as the number of security tools in use continues to increase. SecurityIntelligence.com noted the average enterprise can have security products from as many as 45 different vendors.

This leaves CISOs scrambling to formulate strategies that optimize their staff resources and security processes.

The right choice will make all the difference

There are two primary approaches to consider:

1. Consolidate and reduce the number of cybersecurity products and vendors being used.
2. Leverage orchestration to enhance how the preferred cybersecurity solutions work together.

Making the right strategic choice is critical, as the impact will be far-reaching.

The case for security orchestration

While on the surface both have their merits, when you really drill down, security orchestration has a clear advantage. When you consider the number of new threats being unleashed every day, the constant barrage of attacks and the need to defend against multiple attack vectors, the adaptability and flexibility of orchestration makes it the better choice.

Security orchestration allow CISOs to implement best-of-breed, specialized security solutions that are typically better equipped to detect and respond to new threats and/or new compliance/governance demands. The trend of implementing layered security also favors orchestration. With the orchestration approach, it is simpler to add new “layers” or pieces of cybersecurity protection into the overall security infrastructure. As new solutions are implemented, orchestration simplifies the process of integrating them into the security infrastructure.

With platform consolidation, an organization may be forced to wait, unprotected, while their vendors of choice design, develop, and release new products and capabilities. Simply put, consolidation reduces the number of security options for the CISO.

While IT organizations have traditionally found that vendor or product consolidation can produce substantial efficiencies for operational infrastructure components, cybersecurity has different rules. IT infrastructure is under organizational control and the needs can be documented. Cybersecurity threats are not under our control and new and different exploits emerge regularly. Security orchestration provides efficiency with the necessary flexibility to meet a rapidly changing threat landscape.

Gartner agrees and has listed orchestration as one of their top 10 cybersecurity trends. And Yishai Beeri noted in Dark Reading, “I predict orchestration, rather than consolidation, will be the way for enterprises to cope with security solution fragmentation.”