Published on November 9, 2023, 6:14 am
A recent survey by Gartner has revealed that an increasing number of organizations are prioritizing security vendor consolidation in 2022. According to the survey, 75% of organizations plan to consolidate their security vendors, a significant jump from the 29% reported in 2020.
John Watts, VP analyst at Gartner, explained that security and risk management leaders are becoming increasingly dissatisfied with the operational inefficiencies and lack of integration brought about by using multiple security vendors. As a result, they are seeking to consolidate their security stack and work with fewer vendors.
The survey found that 57% of organizations currently work with fewer than 10 vendors for their security needs. This consolidation trend is driven by the desire to reduce complexity and improve overall risk posture, rather than purely cost-saving or procurement optimization motives. In fact, among survey participants, 65% expect to enhance their risk posture through consolidation, while only 29% anticipate reduced spending on licensing.
Watts emphasized that while cost optimization can be a factor, it should not be the primary driver for vendor consolidation. He stated that organizations looking to optimize costs must either reduce products, licenses, and features or renegotiate contracts.
For organizations yet to pursue vendor consolidation, the main impediments identified were time constraints and having rigid vendor partners. However, lengthy procurement processes or requests for proposals have paved the way for consolidated offerings like Secure Access Service Edge (SASE) for edge connectivity and Extended Detection and Response (XDR) for endpoint protection.
The survey highlighted that 41.5% of respondents plan to adopt SASE within their organizations by the end of 2022, while 54.5% have plans to adopt XDR within the same timeframe.
Dionisio Zumerle, VP analyst at Gartner, recommended considering XDR and SASE as compelling options for starting the consolidation journey. SASE provides secure enterprise access, while XDR focuses on detecting and responding to threats with increased visibility across networks, cloud environments, endpoints, and other components.
Interestingly, the survey also found that 57% of organizations reported faster resolution of security threats after implementing an XDR strategy. More than half of the surveyed organizations leverage SASE projects to simplify network and security policy management while improving their overall security posture.
While many organizations desire SASE and XDR to work together, Zumerle pointed out that security and risk management leaders often keep them distinct from each other but ensure they can interoperate. This approach allows for flexibility in selecting best-of-breed functionality and was validated by 46% of respondents.
To effectively complete the consolidation process, security and IT leaders should plan for at least two years as it takes time to consolidate effectively and consider the costs associated with switching incumbent vendors. Additionally, Matts warned about anticipating vendor mergers and acquisitions, as the security market is continually consolidating.
In conclusion, organizations are increasingly recognizing the benefits of consolidating security vendors. By reducing complexity and improving risk posture through consolidation efforts like SASE and XDR implementation, businesses can enhance their overall security while streamlining operations. It is important for security and IT leaders to plan for consolidation carefully and consider long-term factors such as vendor switching costs and industry changes due to mergers or acquisitions.