Security landscape plagued by too many vendors: Cisco

Ronny Guillaume, system engineer security at Cisco Systems, is concerned that organisations are surrounded by too much noise in the security space to grasp what they actually need to employ.
Written by Asha Barbaschow, Contributor

Vendor saturation is one of the biggest challenges currently plaguing the cybersecurity market, according to Ronny Guillaume, system engineer security at Cisco Systems, who is concerned that organisations are surrounded by too much noise to truly understand what they actually need to protect their business.

"Studies have shown that companies have up to 70 different security vendors installed and in their company to solve problems," he said.

"Now imagine if you had to go and look at 70 different security products and understand what's going on within your specific network -- it's almost impossible."

Speaking in Sydney on Tuesday, Guillaume pointed to the data breach that plagued US discount retail giant Target nearly three years ago.

Attackers gained access to Target's network after a phishing email duped an employee of Target third-party vendor Fazio Mechanical, allowing Citadel, a password-stealing bot variant, to be installed on Fazio computers. Once Citadel had successfully snagged Fazio's login credentials, the attackers breached Target's Ariba vendor portal, gained entry into the retailer's internal network, and took control of Target servers.

From there, attackers infiltrated Target's point-of-sale systems and spent more than two weeks scraping and dumping credit card data to sell on the black market.

As the story unfolded, it became clear that the breach had compromised 11 gigabytes of data containing the names, mailing addresses, phone numbers, email addresses, and payment card information for up to 70 million people.

"Target actually had really good security measures in place," Guillaume said.

"They had access control, firewalls, they had sandboxing technologies, everything was in place; the only problem was that they didn't talk to each other."

While attending an RSA Security conference recently, Guillaume explained he walked out to the exhibition hall and saw in excess of 90 different security vendors pitching their respective products as the best solution.

He said it is getting harder for organisations to pick who to go with and to determine how many products -- and what type -- they need.

Tech giant Dell recently unveiled its new endpoint security and management portfolio, combining Dell Data Security Solutions, Mozy by Dell, RSA Security, and VMware AirWatch in a bid to tackle what it too believes is a market riddled with multiple security vendors.

With approximately 1,600 security companies out in the market, Zulfikar Ramzan, chief technology officer at Dell-owned RSA Security, said he has found customers want to combine their security products and vendor relationships.

"I was talking to one of our customers just two weeks ago and they are using 84 different security vendors, and it's not an uncommon number to hear," he said in October.

"We are noticing a trend in the industry where people are trying to move away from that multi-vendor relationship, because security is fundamentally in many ways about management; you cannot have an environment that is secure that is not well managed -- they have to go hand-in-hand."

Also of concern to Guillaume is the ever-changing threat landscape, even more extensive given the explosion of the Internet of Things (IoT).

By the end of 2016, analyst firm Gartner is expecting around 6.4 billion "things" -- devices from toasters and kettles to cars and hospital equipment -- to be connected to the internet.

That figure represents a 30 percent rise from 2015, and Gartner expects this figure will grow further to reach 20.8 billion by 2020.

This year, as many as 5.5 million new things will become connected every day. As a result, the growing IoT will support total services spending of $235 billion in 2016, up 22 percent from 2015, the analyst predicted.

"Because we have all of these devices connected to the network, the business of how you will secure your business is getting larger and larger," Guillaume explained.

"Today, roughly between $450 billion and $1 trillion is getting stolen each year out of companies due to cybercrime."

With the IoT, he said it is getting harder to secure all of the devices while still maintaining consistency as the speed of new threats increases.

"Every single time we think we've actually found the silver bullet, I can tell you, there is no silver bullet," he said. "We will not be able to stop 100 percent of the threats."

Guillaume expects the security landscape to remain complex, and noted that the bad guys are not going to "go away".

He also said that within an organisation, security should just be a very small part of a business that merely facilitates the ability to go about business as usual.
