The growing sophistication of cyber threats has already come into sharp focus at the start of 2023, yet the struggle to close the IT security gap remains prominent. Employee tokens were stolen from the chat service Slack Technologies LLC, and 200 million email addresses were stolen from Twitter.

Inevitably, more such incidents are due to register. Global cyberattacks increased by 38% in 2022 compared to 2021, according to Check Point Research. And, increasingly, researchers are concerned about the uptick in targeting of crucial infrastructure, power grids and software supply chains.

“People ask if we’re winning the war against hackers, but it’s like asking if we’re winning the war against fingernails,” security expert Troy Hunt recently told Newsweek. “You can cut them back, but they just keep growing.”

As the number and the sophistication of these threats continue to increase, organizations look to close the IT security gap. Only three out of 10 organizations claim to be highly effective at cybersecurity, according to a biannual study sponsored by Hewlett Packard Enterprise Co.. But that same survey suggested that the successful operations shared certain traits.

“Customers found a lot of holes that they had in their environment because of the pandemic,” said Keith White, senior vice president and general manager of HPE GreenLake, in an interview with theCUBE, SiliconANGLE Media’s livestreaming studio. “I think customers are also seeing opportunities to grow pretty aggressively.”

The growing consolidation in the security space

Companies have long been calling for consolidation in the security space, and movement on that front has been growing in recent years, with experts expecting that trend to continue. It’s drawn big industry players, such as HPE, Dell Technologies Inc. and Oracle, to incorporate more software-led solutions into their servers, including upgrades with the latest processors from both Advanced Micro Devices Inc. and Intel.

Take HPE announcing its latest ProLiant offering in June, with the inclusion of a single socket capable of delivering up to 128 cores of compute. That was intended to appeal to customers looking for support with digital services, streaming, social media, and to businesses offering service for cloud ecosystems.

“The modern company utilizes the clouds, public and hybrid, as well as traditional infrastructure,” said Matt Kimball, senior data center analyst at Moor Insights and Strategy, in an interview with SiliconANGLE. “The on-prem datacenter is not going away, and traditional infrastructure will be around for a long time. So, the story begins with ProLiant being an anchor or platform that enables all of these environments and operating models to ‘just run’ with consistency of security and management.”

Responding to the demand

Over the past number of months, SiliconANGLE has been reporting that cost optimization is likely to remain a major theme in 2023. As indicated in survey data from ETR, the primary method that organizations plan to use for cost optimization is consolidating redundant vendors, listed at 36% of respondents.

The other theme, as noted by theCUBE industry analyst Dave Vellante during a recent broadcast held as part of CloudNativeSecurityCon 2023, has to do with the number of tools currently present on the security market.

“Consolidating tools is something that can help simplify, but then at the same time, you see opportunities open up like IoT security, and so you have companies starting to just do that,” Vellante said. “So there’s these countervailing trends.”

There are, in essence, different ways in which organizations can move: whether to cancel unneeded services to save money or switch to a more centralized service to streamline operations, also to save money.

“You’re seeing the consolidation, but some of these applications and platforms need to make some promises to say, ‘Hey, we’re going to move into this space,’” said Michael Foster, product marketing with Red Hat, in an interview with theCUBE.

Red Hat has moved forward with edge solutions that help manage the IoT devices, with an eye on establishing a built-in security platform to help customers do that, according to Foster.

“Then, the messaging is easy when you’re trying to do that across different cloud providers,” he said.

The cybersecurity skills gap comes into play here, with the (ISC)2 “2022 Cybersecurity Workforce Study” showing a workforce gap of 3.4 million people. Some companies have sought to utilize that gap to spur a push to consolidate, such as Palo Alto Networks Inc.

“We needed to get in with the CIO and CISO and say, ‘Look at this chaos you have here and the challenges around people that it’s presenting you,” said BJ Jenkins, president of Palo Alto Networks Inc., in an interview with theCUBE. “We can help solve that by standardizing, consolidating and taking that integration away from you, making it easier for your high-skill people to work on high-skill challenges.”

HPE recently introduced an expansion of its HPE ProLiant Gen11 next-generation portfolio powered by the Xeon chip platform with an eye on responding to challenges in cybersecurity. 

During the first episode of theCUBE’s series “Compute Engineered for Your Hybrid World,” Krista Satterthwaite, senior vice president and general manager of mainstream compute at HPE, said that announcement marked a significant departure from HPE’s previous Gen10 release. (Disclosure: This interview was part of a special CUBE program made possible by HPE.)

“The applications that we see and what people are trying to do with their servers is light years different from the last big announcement we had for our ProLiant Gen10 servers,” Satterthwaite said. “People are trying to do more than ever before, and they are trying to do that at the edge as well as the data center.”

Big industry players have also sought to capitalize on this growing trend. Take IBM, which has AMD EPYC processors for its IBM Cloud. Or there’s Oracle, which also uses AMD  EPYC processors as part of its offerings. 

When it comes to consolidation trends, Alexander Feiglstorfer from Storyblok GmbH sent in a prediction earlier this year that “all-in-one becomes extinct.” Vellante partially agreed with that view, writing that though all-in-one solutions will remain the norm for larger companies, smaller companies will favor best-of-breed solutions.

With an increasing demand for cybersecurity solutions, costs are rapidly rising, especially in light of the increased sophistication being seen when it comes to cyber threats. But there’s also an opportunity for enterprises to improve their security situation while reducing costs.

What comes next?

With data threats worldwide only continuing to increase, companies will be looking to keep pace with the use of technology intended to improve security.

Inevitably, the field and technology will continue to evolve as the “good guys” battle back against the “bad guys.” But things will need to move quickly, with the average cost of an enterprise breach now exceeding $4 million, according to an IBM study.

As a part of the biannual survey commissioned by HPE, other statistics reflected what the year ahead might bring. Forty-two percent of companies said they were planning to implement artificial intelligence as a critical part of their cybersecurity strategy, while more than six out of 10 said they recognized that the most significant challenges to their transformation efforts were avoiding data breaches, limiting unauthorized access to data and applications, and complying with data privacy regulations.

All of this reflects a need to follow the “secure by design” approach, according to Leech.

“By addressing security up front in a digital transformation, both costs and timelines will be reduced and efficient threat modeling will help to redefine the customer experience into something that reduces overall risk,” he said.

The best solution is only as good as the next threat — and if international incidents of cyberattacks continue on the same trend as they did in 2022, these solutions will only become more important should the IT security gap persist.

Image: A. Solano / Canva