The cybersecurity industry has long been plagued by fragmentation, with companies investing in numerous standalone point products in an attempt to enhance their security posture.

This approach has led to increased spending without necessarily improving overall security, according to Lee Klarich (pictured), chief product officer of Palo Alto Networks Inc., who believes that a fundamental shift is occurring with the emergence of integrated platforms that offer best-in-class capabilities.

“For the first time, we’ve finally reached a point where there are real platforms emerging that are best in class in the capabilities,” he said. “But the capabilities are delivered natively integrated, and that is changing the game on security outcomes for the cost that goes into them.”

Klarich spoke with theCUBE industry analysts John Furrier and Dave Vellante at the RSA Conference, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the significance of cybersecurity transformation and the potential for improved security outcomes while streamlining costs. (* Disclosure below.)

The journey toward integrated platforms

The current state of cybersecurity involves organizations grappling with the management and integration of a multitude of disparate technologies. The complexity of operating and configuring these tools can be overwhelming, resulting in suboptimal security measures. However, the advent of integrated platforms changes the game by providing native integration of diverse capabilities. Instead of dealing with multiple point products, organizations can now leverage a unified solution that offers seamless correlation, configuration and prioritization of security alerts, according to Klarich.

“It is one of the most fragmented markets out there, and the net result of that is every company keeps buying more and more and more standalone point products, which results in spending more money, but the net result of that is not better security,” he said.

Transitioning from a multitude of point products to integrated platforms requires a well-defined strategy and a realistic timeframe. Organizations should not focus on eliminating every single tool but rather aim to replace point solutions with natively integrated capabilities, according to Klarich, who emphasized that the goal is to reduce the overall number of tools and achieve unified solutions that provide comprehensive security coverage. He envisions a phased approach, where organizations gradually consolidate their security technologies.

“In network security … that journey can be done in the course of, you know, anywhere from say, one to three years,” Klarich said. “Cloud security is going to be a similar journey … that also is a journey.”

The transformation process differs based on the area of focus, such as network security, cloud security and security operations. Each domain presents unique starting points and challenges. For network security, the journey involves consolidating next-gen firewalls, software-defined networking and secure access service edge capabilities, Klarich explained.

Cloud security, on the other hand, often begins with gaining visibility into cloud environments and subsequently progresses toward incorporating runtime protections and DevOps integration. Similarly, security operations undergo a transformation driven by data, artificial intelligence and automation, Klarich added.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference:

(* Disclosure: Palo Alto Networks Inc. sponsored this segment of theCUBE. Neither Palo Alto Networks nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE