75% of organisations pursuing security vendor consolidation

Gartner has released a survey which shows that 75% of organisations are pursuing security vendor consolidation in 2022, up from 29% in 2020.

A recent survey by Gartner has found that 75% of organisations are pursuing security vendor consolidation in 2022, up from 29% in 2020.

John Watts, VP Analyst at Gartner, says: “Security and risk management leaders are increasingly dissatisfied with the operational inefficiencies and the lack of integration of a heterogenous security stack.

 “As a result, they are consolidating the number of security vendors they use.”

The survey found that 57% of organisations are working with fewer than 10 vendors for their security needs, as they are looking to optimise to fewer vendors in key areas like secure access service edge (SASE) and extended detection and response (XDR).

The survey was conducted online during March and April 2022 among 418 respondents from North America, Asia Pacific and EMEA. Its objective was to determine organisations’ security vendor consolidation efforts and priorities and the drivers and benefits of consolidation endeavours.

Gartner analysts are discussing how organisations can shape their security vendor strategy and projects during the Gartner Security & Risk Management Summit, taking place in London this week. 

Improving risk posture is the number 1 benefit of consolidation

The survey found that organisations want to consolidate their security vendors to reduce complexity and improve risk posture, not to save on budget or to improve procurement. Sixty-five per cent of surveyed organisations expect to improve their overall risk posture, and only 29% of respondents expect reduced spending on licensing.

“Cost optimisation should not be the primary driver for vendor consolidation,” said Watts. “Organisations that look to optimise costs must reduce products, licenses and features, or ultimately renegotiate contracts.”

Organisations that have not pursued security vendor consolidation yet indicated that the two primary impediments to consolidation were time constraints and having a vendor partnership that is too rigid (34% of respondents for each answer).

SASE and XDR are opportunities for consolidation

Lengthy procurement processes or requests for proposals are allowing for consolidated offerings, such as XDR for endpoints and SASE for edge connectivity and security with integration on the backend.

The survey found that 41.5% of respondents plan to have adopted SASE within their organisations by the end of 2022, while 54.5% of organisations have plans to adopt XDR by the end of 2022.

“Security and risk management leaders must consider XDR and SASE as compelling options to start their consolidation journey,” said Dionisio Zumerle, VP Analyst at Gartner. “SASE provides secure enterprise access, while XDR focuses on detecting and responding to threats through increased visibility on networks, cloud, endpoints and other components.”

In fact, the survey found that 57% of organisations resolved security threats faster after implementing an XDR strategy. More than half of surveyed organisations use SASE projects to simplify network and security policy management and improve security posture.

“While 89% of surveyed organisations want SASE and XDR to work together, security and risk management leaders will often opt to keep them distinct from one another but ensure they can interoperate,” said Zumerle. “This is an approach validated by 46% of surveyed organisations, which allows for flexibility to select best-of-breed functionality.”

“Security and IT leaders should plan at least two years for consolidation as it takes time to effectively consolidate and consider incumbent vendor switching costs,” said Watts. “It is also important to anticipate vendor M&A disruption as the security market is always consolidating but never consolidated.”

Share

Featured Articles

How secure is sensitive data stored in the cloud?

A Cloud Security Alliance (CSA) survey has found 67% of organisations store sensitive data in public cloud environments, but how secure is it?

CYBER LIVE LONDON: Day 2 highlights of the hybrid tech show

We take a look at highlights of the different stages at the Tech Live London show, including insights from Claroty, SalesForce and Oracle

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

Does a cashless society mean higher risk of fraud?

Cyber Security

5 minutes with Gary Brickhouse, CISO of GuidePoint Security

Cyber Security

CTO at Passbolt explains the importance of password managers

Application Security