A recent survey conducted by OpenText revealed that small and midsized businesses (SMBs) are also seeking to consolidate their security tools and vendors amid a potential economic slowdown. The survey found that 86% of SMB customers using managed security service providers (MSSPs) aim to reduce their current portfolio of security tools. The primary motivations behind this consolidation effort are cost reduction and simplifying complex security environments.
Guss Lababidi, vice president at OpenText Cybersecurity, a cybersecurity conglomerate, emphasized that consolidation benefits both businesses and service providers. For businesses, it allows them to rely on service providers due to limited resources and staffing, while service providers benefit from simplified billing and ease of doing business with fewer tools and vendors.
The trend of consolidating vendors has gained momentum as companies rapidly adapted to the pandemic-driven business landscape by migrating services to the cloud. According to a report by Spiceworks Ziff Davis, by mid-2022, 75% of companies planned to reduce the number of security vendors they used, compared to 29% in 2020. The report highlighted the top strategies explored by companies, such as reducing non-essential spending, re-evaluating vendors, and decommissioning infrastructure.
Despite a reprieve in the dark economic forecast, efforts to cut costs remain strong. While a majority of economists predicted a recession within the next 12 months, employment numbers and the stock market continue to resist a downturn. Jeff Pollard, vice president and principal analyst at Forrester Research, noted that the factors for a recession do not seem to be present, leading to a delay in its arrival.
However, economic risks have prompted companies to pursue initiatives aimed at simplifying and reducing the cost of security operations. Pollard pointed out that even before economic concerns arose, many security leaders expressed concerns about having too many tools and products. Their focus was on simplifying technology and rationalizing portfolios rather than purely an economic argument.
Gartner, a business intelligence firm, highlighted that most midsized enterprises (MSEs) are striving to optimize their security operations by reducing the number of vendors. Patrick Long, an analyst with Gartner, suggested two approaches for optimization. One approach involves overcoming the shortage of security workers by outsourcing to service providers. The other approach involves adopting all-in-one suites from a single vendor, helping to reduce licensing costs and providing more holistic security capabilities.
Currently, 68% of MSEs are pursuing security-vendor reduction strategies, with the remaining third likely to follow suit in the next three years. Long emphasized that MSEs are focused on optimizing architecture, integration strategies, vendor management, workforce management, and costs. While current economic conditions influence security vendor consolidation, it is not the primary driver.
However, reducing the number of security products is not without challenges. Long contract periods and subpar integration between products from the same vendor can hinder consolidation efforts. Transitioning to an integrated product requires the security team to learn the new system, which can take time and impact efficiency gains.
But progress is being made. Companies that have pursued consolidation have seen a decrease in IT security costs by over 2%. Data security costs have been reduced by a quarter, and identity management has shrunk by more than a third. Ben Pippenger, chief strategy officer at Zylo, a SaaS management platform, pointed out that there is often redundancy within security categories. For example, cloud identity and access management are among the most redundant software functions, with the average company utilizing nearly five applications for this purpose. Pippenger suggested that while security is vital, it could still benefit from consolidation.
In conclusion, SMBs are following the lead of enterprises in consolidating their security tools and vendors. The motivations behind this consolidation effort are cost reduction and simplification of security environments. While economic risks have urged companies to reduce expenses, the desire to simplify and optimize security operations has been a driving force even before economic concerns arose. Although challenges exist in reducing the number of security products, companies that have pursued consolidation have experienced cost savings in IT security. Overall, the trend of security vendor consolidation is expected to continue as businesses seek to streamline their security operations.