The surge in cybersecurity vendor sprawl has become a major issue in the tech world.

As artificial intelligence and data integration advance, the sheer number of security vendors complicates an already challenging landscape. With cyber threats becoming more sophisticated, a strategic and disciplined approach to security management is essential.

“One of the things that’s really notable is cybersecurity [mattered] in a lot of different places before,” said Savannah Peterson (pictured, left), event host for theCUBE, SiliconANGLE Media’s livestreaming studio. “We’re not just talking about on-prem or in the cloud; we’re talking about edge. As much as we have all these tools, it makes it just as easy for nefarious actors who are doing cybercrime as a service.”

Peterson spoke with theCUBE Research’s John Furrier (right) at the Black Hat USA event, during an exclusive broadcast on theCUBE. They discussed the complexities of cybersecurity, focusing on vendor sprawl, the dual role of AI and the urgent need for a platform reset to manage security tools and vulnerabilities effectively.

Cybersecurity vendor sprawl and the need for a platform reset

One of the most pressing issues in the cybersecurity realm is the phenomenon of cybersecurity vendor sprawl. With over 3,700 vendors and 8,000 products available, organizations are overwhelmed by the sheer volume of security tools at their disposal, according to Furrier.

“I talked to people inside the industry. It’s very clear that the fatigue level of, I won’t say technical debt, but sprawl debt, meaning they’ve gotten so much stuff installed, they don’t even know who actually installed it. Patches aren’t being updated,” he said. “The top story here is, platform reset is going to happen and the sprawl will continue and then the threats are just coming on board.”

AI and generative AI are poised to play transformative roles in cybersecurity. On the one hand, AI offers unprecedented opportunities to enhance data protection and threat detection. Real-time asset identification and discovery tools, powered by AI, can significantly improve the ability to manage and secure vast amounts of data, according to Furrier.

“I think these discovery tools, asset discovery kind of comes in the governance area, but it’s really not,” he said. “It’s more of discovery prioritization and then remediation. That’s the focus and, again, disciplined approach to the portfolio, risk management is involved, but the reset of the foundation is going to be what I think the top conversation is going to be.”

However, the rise of AI also brings new challenges. The same technologies that bolster security measures can be exploited by cybercriminals to execute more sophisticated attacks. For instance, the prevalence of phishing emails has skyrocketed, with 17.8 million such emails recorded in the past six months alone, and 62% of these bypassing existing security barriers.

“This is the issue. Currently, there’s no vendor consolidation happening,” Furrier said. “Contrary to what people are saying, vendors aren’t consolidating because there’s too much threats to plug when you’ve got to plug those holes and those bad guys.”

The future of cybersecurity will likely involve a more integrated approach, where multiple vendors and solutions are seamlessly connected to create a cohesive security ecosystem. As the industry evolves, the focus will be on designing systems that can adapt to new threats and integrate diverse security tools effectively.

“What’s going to happen with generative AI?” Furrier asked. “The opportunity I see and what we’re talking to folks about and they’re thinking about is, ‘OK, how do I do end-to-end workflows? How do I vertically integrate the stack, leverage all the vendors that are out there and integrate them in and use gen AI to create a glue layer around either data or interaction?’ I think you’re going to start to see a real focus on, ‘OK, maybe we’re not going to consolidate down to a handful of vendors.’”

Here’s the complete video discussion, part of SiliconANGLE’s and theCUBE Research’s coverage of the Black Hat USA event:

Photo: SiliconANGLE