Consolidating vendors has always been on the mind of digital leaders, but the current economic climate has elevated this topic, with a recent Gartner survey claiming that 75% of organisations are currently pursuing security vendor consolidation projects, up from 29% in 2020.
On the face of it, we can put this down to the need to reduce costs as both consumers and businesses tighten their belts. But the Gartner survey suggests that the real driving factors behind this consolidation are more strategic than that. It identifies both risk reduction and the need to reduce complexity and operational inefficiencies as the primary motivations. This aligns with the conversations I have with customers, who understand the operational gains to be had in reducing vendors, as well as in limiting the use of disparate, unintegrated technologies, even if procured from a single vendor.
Organisations understand these benefits, and many have identified technology areas such as extended detection and response (XDR) and secure access service edge (SASE) as two strong sources of consolidation advantages. However, any change requires an organisation to consider three key metrics:
- Are we improving or worsening our risk posture?
- Is this enhancing or limiting business agility?
- Are we reducing costs to our bottom line P&L, including through areas such as reduced cyber insurance outlays?
Any project requires careful analysis and the right balance between three factors: risk reduction, business agility, and cost reduction. If all three can be realised, then we can make a strong business case for change. In this blog I would like to explore the three Whys that infrastructure and security leaders have to consider and articulate when presenting their business case for approval: Why should we change? Why do this now? And why the chosen vendor?
Why change?
While some consolidation initiatives are driven by executive team priorities, most commonly they stem from a desire to reduce the operational and cyber risk caused by multi-vendor complexity. Let’s consider providing access to and securing applications. It is very common to see four or more vendors in the mix, all essentially providing the same functionality but for different channels. This not only leads to inconsistent access policies and differing threat and data protection policies, but also creates gaps in security and provides a poor user experience. This ultimately increases risk and reduces business agility.
For network and security operations teams, having many data feeds leads to a huge amount of integration work to not only ingest but also normalise the data. In some cases it means logging in to many consoles to troubleshoot one single issue or incident. Added to this issue are the current problems with recruiting and keeping security and networking talent—lots of systems need lots of people to operate them.
So, the business case is there to increase both business agility and operational efficiency, moving precious resources from reactive to proactive investigation and analysis, and to projects that will help transform the business.
Why now?
Often timing is driven by a pending event: a renewal of a legacy technology licence, the risk of an unplanned price increase, or perhaps a deadline for compliance. But for many organisations, the timeframe for a consolidation project comes from budgetary cycles and a desire for cost reduction. As discussed earlier, while this is often not a primary driver for a consolidation project, it is often the primary reason for the timing. Telling a CFO of a 5,000 user organisation that it will cost them $3.5m over the next three years by not making this change now is a very compelling argument! It is also the reason why, here at Netskope, we work hand in hand with organisations to create a business value proposition that forms part of a project justification. I call this the “cost of no decision”.
Cost savings not only include direct subscription costs, but moving to a s