Vendor consolidation, a strategy where organizations reduce the number of vendors they use, has become one of the key trends witnessing significant growth in recent years. According to a Gartner survey, 75% of organizations were reported to be pursuing security vendor consolidation in 2022. This is a notable increase from 2020, where only 29% of organizations were engaged in such strategies.
As vendor consolidation in cybersecurity gets more prevalent, organizations face a challenging decision: whether to choose vendor consolidation or best-of-breed solutions for each security domain. In this article, we will explore the benefits and downsides of both approaches and explain how vendor-agnostic SOAR can help bridge the gap by providing flexibility and integration capabilities.
On one side is security vendor consolidation, which promises a streamlined, unified security framework. On the other side are best-of-breed solutions, where each tool is a leader in its specific domain.
Vendor consolidation may offer potential cost savings and simplified management, but it may also limit the organization’s ability to choose the best solution for each security domain. On the other hand, best-of-breed solutions provide the most effective protection for each security domain, but they lack integration, often leading to data silos.
Speaking in a recent webinar on the benefits of open and vendor-agnostic solutions, Tony UV, CEO of VerSprite, a US-based MSSP, said, “There are companies that are instantiating their business model to simply have an exit. That’s not who we particularly like to do business with.”
“There’s a level of due diligence that you have to do when vetting your tool-based vendors, your MSSP. It’s not just about the tools; it’s about understanding the vision and direction of the company from a business standpoint. With all the things that are changing dynamically, you want to make sure that the goals and mission of your strategic partners… they’re not changing.”
This underscores the high stakes of consolidation in the cybersecurity landscape. If your tool vendor’s plans are misaligned with your strategic goals, and they get acquired by a larger company, it’s likely to change its product roadmap, support, and pricing structures. Additionally, an acquisition can lead to a loss of the specialized expertise and customer-focused approach that often characterizes smaller, best-of-breed vendors.
Vendor-agnostic SOAR tools are emerging as a critical tie-breaker in making this decision. SOAR’s ability to integrate with security tools, regardless of the vendor, enables organizations to leverage the best of both worlds: the specialized capabilities of best-of-breed solutions and the streamlined management of a consolidated approach.
Advantages of Vendor-agnostic SOAR
Recent industry movements, notably Cisco’s announcement to acquire Splunk for $28 billion, are reshaping the cybersecurity landscape. This development, as analyzed in a recent blog, underscores the importance of independent, vendor-agnostic SOAR solutions. In a larger corporate ecosystem, SOAR risks becoming a mere checklist item, diluting its potential due to competing priorities and limited R&D focus. A vendor-agnostic approach ensures flexibility, allowing integration with a diverse range of security tools and preventing lock-in within a single vendor’s ecosystem. This approach is vital for maintaining well-designed and up-to-date integrations across various vendors.
While the choice between vendor consolidation and best-of-breed solutions presents a complex dilemma, SOAR stands out as a strategic enabler. By offering an agile, integration-friendly platform, SOAR tools help organizations not just bridge the gap but also make the most of their security investments. In the next blog in this series, we’ll take a closer look at the role vendor-agnostic SOAR can play in overcoming siloed security challenges.