Security VADs up their game as cybersecurity threats escalate
Cloud, for all its simplicity, will not replace actual groundwork by security value-added distributors (VADs).
Even when a security platform is managed in the cloud, there are a lot of activities like partner onboarding and enablement, extending commercial facilities, partner incentive programs, marketing activities, lead generation process, trade shows and support for the products that are managed by the VAD.
From an operational and business standpoint, the industry doesn’t expect to see a negative impact due to stronger cloud adoption, reckons Jose Thomas Menacherry, managing director at Bulwark Technologies.
Still, the momentum on cloud adoption is undeniable.
The industry will continue to see organisations shift their workloads onto the cloud as their on-premises systems become end-of-life and they look to leverage the latest technology and tools available. Cloud adoption will be in full swing in the Middle East and North Africa (MENA) region in 2019 with the UAE at the forefront, expected to gain 31,650 new jobs between 2017 and 2022 from the market.
There has been a positive impact on cloud offerings in the region, with companies being more open to adopting cloud solutions, says Menacherry. “Security VADs earlier faced an uphill task in convincing clients about the cloud and hybrid offerings of the solutions they carry. However, with more enterprises accepting security in the cloud, this segment has started seeing better growth,” he adds.
In the Middle East, cloud adoption in the enterprise and government space has lagged due to local regulation, as well as FUD (fear, uncertainty, and doubt) and therefore has had minimal impact on the security VAD model so far, observes Avinash Advani, CEO of Spire Solutions.
Many similar organisations in the West have begun making substantive use of public cloud services, where it has proven to be a safe and secure foundation for computing and has in those parts of the world changed the structure of the security VAD model dramatically through aggregation and marketplaces. “In our region, the focus at this juncture when it comes to the cloud is developing new cloud-first policies and processes and rolling out local cloud environments,” Advani adds.
There has been a consolidation of market players within the cybersecurity space, OEM agreements for vendors to work closer and better together and product roadmaps to include greater functionality and overlap within the traditional vendor portfolio, observes Garreth Scott, managing director, Credence Security.
“Distributors are all fighting for the same vendors and this makes for an extremely competitive landscape—everybody is trying to do things differently to stand out and deliver results to the vendors they represent,” Scott says.
Emerging technologies are having a major impact on enterprises’ corporate security strategies; by default, security VADs must embrace these technologies if they are going to survive in the market.
“There is a lot of activity around IoT, SCADA, SOAR (Security Orchestration, Automation and Response) and AI vendors in the region and many vendors offering their solution on cloud as well,” says Menacherry.
Organisations are also moving away from mere threat prevention to threat detection and response. “Improving response and prediction capabilities is a priority driving the buzz in endpoint detection and response (EDR), user and entity behaviour analytics (UEBA) and deception,” says Advani.
With a cybersecurity landscape that is as varied as is risky, organisations have to deploy a bewildering array of security products, with true orchestration still a challenge.
Having a unified cybersecurity architecture with a ‘single-pane-of-glass’ view with the current disparate solutions in a hybrid model and multi-cloud deployment is a currently a fantasy, says Menacherry. “There are vendors that claim to offer a single-pane-of-glass view on the cybersecurity architecture, having end-to-end solutions from their stable as well as utlitising APIs to integrate reporting, alerting and dashboard view into single view. But this is still far from being a reality, Menacherry adds.
Even when all security tools feed into the SIEM/SOC, the management of the various tools in many cases still requires multiple and different interfaces, Advani observes. There have been recent attempts to tackling this problem of product sprawl by implementing SOAR as an additional layer above the SIEM/SOC that can automate and orchestrate the multitude of tools using playbooks.
In any case, businesses loathe to be vendor locked-in, instead opting the flexibility of different vendors for different environments.
“I personally think that gone are the days where enterprises would select technologies because they are all under one brand/technology,” says Scott. “Today, organisations are looking for best of breed technologies, best bang for their buck and return on investment.
“The end user is no longer just buying technology for the sake of buying a technology. Their priority is to find the most effective technology with good vendor ecosystems to ensure integration and workflows are as seamless as possible,” he adds.
The security VAD model is evolving, as the veracity and sophistication of cyber-attacks escalates.
Security VADs have had to increasingly offer professional services to help customers get more immediate value and to assist in skills training, Advani of Spire Solution observes.
“The level of support required goes well beyond simple break/fix product issues and focuses on helping organisations get immediate value out of the products while improving the administrator’s skills level,” he adds.
With an increase in volume and sophistication of attacks, the challenge has been to advise the customer to arrive at the right solution to counter such threats, says Menacherry of Bulwark Technologies.
“As there are a number of vendors in all categories, be it network security, perimeter security, or endpoint security, and with considerable overlap, a consultative approach needs to be adopted by solution providers and VAD to offer the best solution that would best fit customer’s requirement,” Menacherry adds.
Due to the rapidly changing threat landscape, numerous security technologies are being invested, which results in creating complexity and the need for constant monitoring and tuning to derive good insights, says Advani. “With that in mind, security vendors and thereby their VADs are moving to as-a-service models to alleviate both above-mentioned challenges and to ensure agile delivery of innovation/protection to customers,” he adds.
In digital forensics, demand for is likely to be driven by various factors, such as the increasing instances of cyber-attacks on enterprise devices, massive use of internet of things (IoT) devices, and stringent regulations, says Credence’s Scott.
“Credence Security faces specific challenges in that a large percentage of our revenue comes from forensics distribution, a segment that is not well adapted to traditional distribution,” he adds.
If businesses ever needed a true partner, this is the time. With escalating cyber attacks and a mounting cybersecurity skills shortage, they require security VADs that can deliver a comprehensive set of security products, offer the right support and guide them through what is a very complex threat landscape.