IT security buyers are consolidating vendors at an overwhelming rate, according to a speaker at this week’s Gartner Security & Risk Management Summit.
In a session on cybersecurity market trends and growth opportunities, Gartner analyst and VP Neil MacDonald said 75% of security buyers are pursuing vendor consolidation, up from just 29% in 2020.
“Customers want fewer providers,” he said.
MacDonald’s talk was directed at vendors rather than buyers, and he cautioned them: “Don’t just throw a bunch of stuff together; make it work better.”
Security Products Merge Into Platforms
As part of that trend, security products are consolidating too, MacDonald said. He noted 10 areas where cybersecurity products are merging into broader platforms (see slide below).
Secure web gateways, CASB and zero trust network access (ZTNA) are merging to become security service edge (SSE), he said — and with the addition of SD-WAN technology, SSE becomes secure access service edge (SASE).
EDR, NDR and identity threat and detection response (ITDR) are merging into XDR platforms — even as XDR joins with SIEM and SOAR to become Security Operations Platforms.
In cloud security, cloud workload protection platforms (CWPP) are joining with cloud security posture management (CSPM) and software composition analysis (SCA) to become workload security and CNAPP platforms.
Other broad security platforms highlighted by MacDonald include:
- Data Security: Includes DLP, digital asset management and data-centric audit and protection (DCAP)
- Workplace Security: Combines UEM, secure email gateways and EDR
- Attack Surface Management: external & cyber asset ASM (EASM and CAASM) and digital risk protection services (DRPS)
- Identity and Access Management: Includes access management, PAM and identity governance and administration (IGA)
- Integrated Risk Management: Digital rights management (DRM), vendor risk management (VRM), and GRC
Consolidation has been a central theme at the Gartner security conference in recent years. Cybersecurity mesh and decentralized identity were big themes in 2021 and hyperautomation was an emerging technology last year, and those trends came up again in a number of presentations this year.
CTEM, CIEM and AMTD Highlight Emerging Tech
Gartner is perhaps the biggest source of acronyms in the cybersecurity industry, and the 2023 event was no exception. CTEM, CIEM and AMTD are three emerging technologies that security pros might want to familiarize themselves with.
CTEM stands for continuous threat exposure management and is something like a continuous vulnerability management program (slide below from Gartner analyst Rich Addiscott).
CIEM is short for cloud infrastructure entitlement management, which controls cloud user and entity permissions (slide below from Gartner analyst Andrew Bales).
AMTD stands for automated moving target defense, which combines a number of security technologies to protect assets as they change states (slide below from Gartner analyst Mark Wah).
Read next: