The cybersecurity industry needs to reinvent itself

Organizations are spending more money on cybersecurity and feeling less secure. Last year, 93% of cybersecurity professionals said they were moderately or extremely concerned about cloud security.

And that was before the COVID-19 pandemic made the threat landscape even more precarious, with a sudden and dramatic increase in remote work that expanded the attack surface.

If we don’t reinvent cybersecurity, things will get worse before they get better.

According to IDC, more than 50% of global GDP is expected to come from digitally transformed enterprises in the next three years. Multicloud environments continue to proliferate and the Internet of Things (IoT) could reach 41.6 billion IoT devices by 2025.

These trends will accelerate as COVID-19 necessitates a workforce that is more mobile and distributed than ever. This means the need for a new cybersecurity approach must also accelerate.

No business can afford to operate as it did 10 or even five years ago. Organizations must be able to leverage technological innovation — particularly machine learning (ML) — to ease the burden on IT and be faster and more proactive.

Machine learning is one factor in a broader transformation. Organizations of all sizes must adopt a new model for scaling and delivering cybersecurity, one that looks at security holistically, from the data center to the edge to multiple clouds.

As someone who has spent an entire career on the front lines of cybersecurity, it is my firm belief that a platform approach is the only possible path we can take. It is the only way to effectively eliminate the inefficient silos, disparate products and reactive models that no longer work in a far more complex threat environment.

What’s a platform approach?

First, let me be clear about what I mean by a platform approach. I’m talking about reimagining cybersecurity from the ground up. With ML, cloud computing and the evolution to a modernized IT stack, there’s an opportunity and mandate to go against the nature of traditional cybersecurity models.

We need to be consolidating and moving to fewer, more encompassing solutions. We need open platforms that enable the continual and seamless integration of security functions without asking organizations to constantly deploy new technology.

We should also use machine learning in cybersecurity, for everything from proactive prevention to integrated IoT security to ML-based policy recommendations for all endpoints.

Accomplishing this will require drilling down to the architectural level. Think of a future in which there is one agent for every workload and one agent for each tool or device used. Everything else is consumed as a service, with new services created on top of the platform.