Security platforms offer help to tame product complexity, but skepticism remains

How well do the platforms offered meet user goals? Of 181 enterprises who offered comments, none said any offering met all their goals. Only 25 said that “most” goals were met, and 92 said none of their key wishes were fulfilled. Why?

The biggest issue enterprises cited was what they saw as an inherent contradiction between the notion of a platform, which to them had the connotation of a framework on which things were built, and the specialization of most offerings. “You can’t have five foundations for one building,” one CSO said sourly, and pointed out that there are platforms for network, cloud, data center, application, and probably even physical security. While there was an enterprise hope that platforms would somehow unify security, they actually seemed to divide it. Of our 181 enterprises, 174 said the security vendors’ own “platforms” had little claim to the term.

Even within a single security vendor’s offerings, users weren’t happy with the ability of a platform to give them a clear picture of assets, threats, and the relationship between the two. Only 43 of the 181 enterprises said the “single pane of glass” view of security was improved by the security platforms they were offered.

The AI opportunity

What could fix these problems? The number one suggestion (no surprise!) is AI, which 154 enterprises said would be able to correlate information from multiple tools/platforms. However, because these enterprises don’t believe that current security platform vendors will offer AI that spreads across the full spectrum of security needs, given their current specialization, they don’t know where the AI tool that unifies them all will come from.

Ah, but they hope someone will provide a true security platform based on AI. More enterprises think that AI would be transformational to security than think it would transform network or IT operations and infrastructure. Over two-thirds of them say that security vendors recognize this, but enterprises are equally divided on whether current security vendors would fully exploit AI, even within the specialized security platform targets they currently have. Given that incumbent vendors in nearly any technology sector tend to favor evolution over revolution, they may be right, and that would make the creation of an AI security platform a major opportunity for an outsider.

Maybe the major opportunity, in fact. Of 181 enterprises with security platform views, 134 said they believed that a third-party platform was more likely to address their issues with security tools. Only 37 thought a current provider of security tools would offer the ideal platform. The remaining 10 thought no offering would come along, and this group was the most pessimistic about the prospects for real control over security.