Enterprise cybersecurity technology research that connects the dots.

Omdia: Standalone Security Products Outsell Cybersecurity Platforms

Cybersecurity platform vendors say enterprises want to buy fewer solutions from fewer vendors. Omdia research, however, tells a different, more nuanced story.

5 Min Read
A photo portrait of Omdia Principal Managing Editor Eric Parizo
Source: Omdia

At a Glance

  • Despite the vendor push to platforms, organizations are buying more, not fewer, standalone cybersecurity products.
  • The numbers show a stark contrast between the message from cybersecurity platform vendors, and the reality of enterprises.
  • The current reality is few enterprises are buying into single-vendor platforms.

In its many briefings with cybersecurity vendors, one of the most consistent themes Omdia hears is why enterprises need cybersecurity platforms.

Across nearly all segments of cybersecurity, the opening statement from large vendors always goes something like this:

"Enterprises have too many standalone security products. They're expensive to purchase, deploy, and manage; point solutions function in a silo because they aren’t designed to work together; trained, experienced cybersecurity professionals are hard to find and harder to keep — hence, fewer products mean more efficient training and staffing for CISOs. Not to mention, they aren't working because look what happened with that latest big scary data breach!"

Instead, vendors claim, enterprises could get better outcomes if they give up their multitude of standalone products and instead purchase a cybersecurity platform solution, which rolls up the capabilities of many discreet products into an all-in-one offering from a single vendor.

CrowdStrike, Fortinet, Palo Alto Networks, Trend Micro, and many others have positioned themselves as cybersecurity platform vendors, employing go-to-market messaging that emphasizes the integration, single user interface, improved security efficacy, and better return on investment that their respective cybersecurity platforms provide.

On its face, this seems sensible. All the above-mentioned challenges that come with point solutions are very real. Omdia asserts enterprises need their cybersecurity products to work together, specifically by exchanging data and performing orchestrated functions, but building and running an integrated ecosystem of best-of-breed security solutions provided by many vendors is a never-ending challenge, one that keeps security architects awake at night.

A Growing Number of Deployed Products

Plus, today's enterprises really do have a lot of security products. Omdia research shows that a majority of enterprises have 21 or more standalone security products, and a third of organizations have 31 or more.

It's not hard to buy into the sales pitch from platform vendors that the fastest way for enterprises to improve their security is by buying fewer point products and shifting spending to cybersecurity platforms.  

However, according to Omdia research, it's simply not happening.

According to data from the 2023 Omdia Cybersecurity Decision Maker survey, organizations indicated an increased in number of standalone security products, not a decrease.

Chart:How has the number of standalone security products in your organization changed over the past 12 months?

Omdia research shows that from June 2022 to May 2023, more than 80% of survey respondents saw an increase in the number of standalone security products in their organizations (161 respondents). Furthermore, for 44% of respondents, it wasn't just a minor increase; in those enterprises, the number of standalone products increased 11% or more. Conversely, just 7% of respondents noted a decrease.

The numbers highlight a stark contrast between the perception that is being advanced by cybersecurity platform vendors, and the reality being observed in enterprises. Despite the vendor-touted benefits of the platform approach, data indicates enterprises still live in a best-of-breed approach.

Omdia theorizes there are several possible explanations:

  • Messaging: Platform vendors simply aren't effectively communicating the benefits of a platform-based approach. This is possible, but unlikely. Anyone who has viewed vendor websites or attended an industry trade show like Black Hat in recent years has received a heavy dose of platform-centric marketing.

  • Entrenchment: Charge is hard, particularly in cybersecurity, and security teams are usually loath to abandon tools into which they have invested time and effort to achieve their desired outcomes. It is much easier for an incumbent vendor to win a renewal than it is for a rival to win a displacement.

  • Lock-in: Furthermore, in many cases, the vision of a migration to a platform approach requires a commitment to a broad, expansive, and potentially disruptive change. Implementing a platform approach means making a long-term commitment to one vendor and forgoing choices down the line. Many enterprises may be reluctant to cede that level of control.

  • Efficacy: Enterprises simply don’t see cybersecurity platforms delivering the desired outcomes. Indeed, Omdia has observed that many if not most cybersecurity platforms are created through a series of point product acquisitions, each of which is then re-engineered to be a component of a platform offering. In practice, this means a single platform may include tools written in multiple programming languages, using different data formats, and requiring incongruent user interfaces, creating a series of underlying technical challenges that negatively impact platform outcomes.

  • Specificity: Enterprises purchase point products because they tend to be very good at solving a very specific problem, and that earns loyalty among customers. Niche vendors that successfully ease a key cybersecurity pain point can stand the test of time amid a tumultuous industry. Case in point, vendors AlgoSec and Tufin have been addressing multivendor firewall management going on two decades and counting, when during that time cybersecurity titans like McAfee and Symantec have risen and fallen.

These are just a few of the possible reasons, and Omdia intends to conduct further research in this area, but for now, there are several notable takeaways.

Accept Enterprise Reality

For vendors, fostering a cybersecurity platform may be a sensible business strategy, but it is equally important to accept the reality few enterprises are buying into single-vendor platforms. Meeting the needs of the market also requires catering to organizations living a best-of-breed approach. This means vendors should not only support ease of integration through technology partnerships and open standards but also minimize the finger-pointing when customers need help making rival vendors' offerings work together.

For enterprises, the best-of-breed approach may be familiar, but platform vendors are working hard to address many of the shortcomings that have hindered all-in-one cybersecurity platforms to date. When solution refresh cycles come up, it's worth stepping back and taking a broader look at whether the evolving platform landscape may offer a better long-term approach. For those focused on point solutions, be sure the requirements include actual examples of successful best-of-breed integrations and testimonials from customers who have achieved the desired outcomes from their integrated security architectures.

For service providers and channel partners, platform vendors' struggles are your opportunities. On one hand, working through (or entirely removing) the challenges of implementing and running a best-of-breed cybersecurity solution architecture isn't easy, but vendors and enterprises alike desperately need this assistance. On the other hand, cybersecurity platforms make for a compelling service offering, while evangelizing the benefits of these platforms is an area where vendors reliance on the channel is only growing.

For more information, read Omdia Cybersecurity Decision Maker 2023: Overall Findings & Enterprise Cybersecurity Operations (SecOps) (Omdia subscription required).

Read more about:

Omdia

About the Author

Eric Parizo, Principal Analyst, Omdia

As Principal Analyst, Eric Parizo leads Omdia's Enterprise Cybersecurity Operations (SecOps) Intelligence Service, its research practice focusing on threat detection, investigation, and response, as well as security operations center (SOC) issues. Eric also monitors global cybersecurity trends and top-tier cybersecurity vendors in North America. He has been covering, researching, or speaking on enterprise information technology for nearly 20 years. Prior to joining Omdia (Ovum) in 2019, Eric spent nearly four years at GlobalData, where he was responsible for tracking and analyzing the enterprise network security infrastructure product segment, as well as top-tier enterprise security vendor technology and strategy. He has also extensively researched topics including EMM/UEM, deception, and security technology integration. Eric previously spent nearly 15 years as a highly regarded technology journalist and editor at leading B2B publisher TechTarget, serving as executive editor for the Security Media Group, managing news, technical, and multimedia content. He is a nine-time ASBPE award winner, the B2B publishing industry's most prestigious award for excellence.


Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights