A total 75% of organizations across North America, Asia Pacific and EMEA plan to consolidate the number of security vendors they use, a Gartner survey of 418 respondents found. That percentage has increased significantly, as only 29% were looking to consolidate vendors in 2020. The main reasons are an increase in dissatisfaction with operational inefficiencies and lack of integration of a heterogenous security stack, the survey found.
Companies look to reduce the number of vendors they work with in key areas like secure access service edge (SASE) and extended detection and response (XDR). The survey found that 57% of organizations are working with fewer than ten vendors for their security needs.
Perhaps as a result of this shift in enterprises’ priorities, some vendors have already started to combine some products to offer simplified enterprise security. In February 2022, for example, Forcepoint announced an all-in-one cloud platform that integrates zero trust capabilities and SASE technologies so security teams can manage one set of policies through a single console.
Pros and cons of consolidating security vendors
While saving money could be a result of consolidation, it is not what is driving organizations. Sixty-five percent of respondents said they expect to improve their overall risk posture and only 29% expect reduced spending on licensing.
Cost optimization should not be a driver, Gartner VP analyst John Watts said. Those looking at cutting costs must reduce products, licenses and features, or ultimately renegotiate contracts. A drawback of those pursuing consolidation has been a reduction of risk posture in 24% of cases, rather than an improvement.
But if cost savings becomes a result of consolidation, CISOs can invest that on preventing attack surface expansion. “This trend captures a dramatic increase in attack surface emerging from changes in the use of digital systems, including new hybrid work, accelerating use of public cloud, more tightly interconnected supply chains, expansion of public-facing digital assets and greater use of operational technology (cyber physical systems—CPS). Security teams may need to expand licensing, add new features, or point solutions to address this trend,” Watts says to CSO.
The time invested should also not be taken for granted. Gartner found that vendor consolidation can take a long time with nearly two-thirds of organizations saying they have been consolidating for three years. Another obstacle facing enterprises are rigid vendor deals, an issue faced by 34% of respondents. Gartner advises IT leaders to plan at least two years for consolidation.
“Our survey results show that security vendor consolidation is a multi-year effort for most organizations and requires planning to replace incumbent vendors coordinated with both technology migration projects and contract termination dates,” says Watts.
One of the main benefits of the consolidation move is the initial opportunity to drive better pricing discounts from incumbent vendors and their competitors. “As vendors expand their functionality, they are increasingly competing against vendors with whom they have not have historically competed. For example, a CISO looking to replace an incumbent SWG [secure web gateways] or CASB [cloud access security brokers] point solution with a converged SSE [security service edge] offering can drive improved discounting as vendors look to gain or protect market share against new competitors. However, CISOs need to be aware of overlapping contract terms and potential shelfware from new, underutilized features which may drive higher overall licensing costs compared to the current status quo,” Watts says.
What drives enterprises toward SASE and XDR
Those who plan to have adopted SASE within their organizations by the end of 2022 make up 41.5% of respondents, and 50% of respondents use SASE projects to simplify network and security policy management and improve security posture.
Organizations that have plans to adopt XDR by the end of 2022 make up 54.5% of respondents. XDR has already helped 57% of respondents to resolve security threats faster.
“While 89% of surveyed organizations want SASE and XDR to work together, security and risk management leaders will often opt to keep them distinct from one another but ensure they can interoperate. This is an approach validated by 46% of surveyed organizations, which allows for flexibility to select best-of-breed functionality,” said Dionisio Zumerle, VP analyst at Gartner.