Security consolidation is about improving results, not just cost savings


The economy is in a difficult situation. ONS figures show that the UK economy grew by 0.1 percent in the first quarter of 2023 and the cost-of-living crisis continues to affect confidence. 

While the technology sector has traditionally been able to weather tough conditions, that's not the case this time around. 

Even areas like IT security are facing challenges. While Gartner predicted this market will continue to grow by 11.1% year-on-year through to 2026, this increase in spending will have to be stretched further to keep pace with emerging threats. 

Matthew Middleton-Leal, managing director, northern EMEA, Qualys

Matthew Middleton-Leal is managing director UK, Ireland and Africa at Qualys. He's an experienced executive with more than 25 years working in cyber security, delivering successful client outcomes and shareholder value. Matt brings significant experience having worked for many organisations on security projects in areas such as threat and vulnerability management, identity and access management, networks, and database security.

CISOs are having to look at their strategies with fresh eyes in order to stretch budgets, including potentially consolidating the number of vendors they work with.

So what will these consolidation exercises look like, and how can channel partners capitalize?

What should consolidation mean to your customers?

When we use the term consolidation, we typically mean cost-cutting. However, for security teams, the ability to reduce costs should not be conflated with decreasing budgets, which will ultimately leave teams without critical resources. 

The challenge is how to make budgets go further and invest where companies need it, rather than this being an exercise in having money taken away.

Waiting until customers ask about this approach is too late. Instead, taking a proactive approach can put you - and your customer’s security team - in the driving seat when it comes to how projects are defined and what the success metrics are.

To get started, analyze how your customer manages their security processes and products. It’s easy to build up shelfware that is either not being used at all, or only used for tasks that are not valuable enough to justify continued spending.

These solutions can be removed and replaced with more cost-effective options, especially where other solutions can be used to cover the same tasks.

This may throw up some interesting findings. You may find yourself dealing with challenging scenarios and internal company politics. For example, you may find that processes are not as efficient as they could be, or that teams are relying heavily on manual work to get things done.

In a worst-case scenario, you may uncover something that is not compliant with an industry standard or regulation.

It’s important to be tactful here, as security teams may have invested a lot of their time into building and evolving their processes. With anything that has been in place for a while, this can create a lot of attachment. While we all like to think of ourselves as rational beings, this is not always the case. 

Taking a diplomatic approach can pay off, as no one likes to think of their deployment as wasteful.

Building back up again

Once you have established the tools, processes, and people involved in delivering security, you can assess the potential overlaps and where consolidation can occur. 

Every vendor talks about the mythical single pane of glass for security, and you may find that customers have multiple ways of achieving this result. They may even be running multiple product suites for their security and risk management requirements, from identity management through to firewalls, network security, and cloud.

From here, you can look at how to consolidate and improve security operations. 

This may remove some tools, but the main goal should be to achieve better processes and faster delivery. Ideally, you can reduce the overall vendor count and make use of more integrated suites of services rather than multiple products. 

This can make a big difference in cloud environments, where customers would otherwise have to run multiple agents to get the security services they need. Taking a ‘one agent’ approach reduces the overall amount of compute resources required to manage security services, which helps the customer save costs.

On top of this audit, you can move into recommending how best to consolidate and maintain security levels. For example, many companies will subscribe to a threat intelligence feed, but do they make use of it? 

Instead, can you supply a service that combines multiple feeds for better coverage while also offering recommendations on where to improve over time? This delivers an ongoing revenue opportunity while helping customers reduce their spending on specific security products.

Alongside this, explore ways you can help the customer to automate their processes where possible. These efforts not only help the security team work faster and more efficiently, but can also show where there are ways to improve processes and working practices.

Security vendors are all deploying AI and machine learning to streamline processes, but this should also be used to free up focus time for security analysts.

Looking for more opportunities around value

While security consolidation projects may set out to cut costs, they might lead to other opportunities that you can build on. For instance, many companies now need more help in communicating their security position to their internal leadership teams or the board. 

This calls for more risk management support, but it also requires nuanced communication support. It is not enough to just provide a dashboard – instead, you may need to help security teams work on how they communicate with leadership.

Improving communication is a great secondary objective for consolidation projects. By cutting the number of tools involved, you can remove some of the headaches for security teams about getting the right data together. 

On top of this, you can make it easier for them to demonstrate they are doing a good job.

Many companies need help on security consolidation projects. To maximize these opportunities, start by looking for overlaps and gaps. Once this audit is complete, you can make recommendations on how to reduce the number of vendors, integrate those that are in place, and make processes more efficient for everyone involved. 

The result should save the company money, but it should also deliver better security posture for the future.
