Guest Post by By Leonid Belkind, CTO and Co-Founder of Torq
As we’ve all seen, virtually every economic authority, including the US Federal Reserve, European Central Bank, The Swiss Government, and Morgan Stanley, is predicting a macroeconomic slowdown across 2023. While there is debate about whether it will be a bump in the road or a recession, everyone agrees that in general, spending will be curbed, and that organizations will, at minimum, be looking to do more with their existing resources.
So, what does this mean for the cybersecurity industry? It will have to acknowledge what its customers and prospects are dealing with and be sympathetic to their situations. However, it is also not without its opportunities. The fact is, IT and security professionals will be looking for ways to drive more value from their existing security stack, rather than adding more point solutions to it.
Cyberthreats Don’t Pause During a Downturn
Another critical point is that there is uniform agreement that evolving cyberattacks will continue relentlessly. Threat actors will evolve to become more cunning, with novel new approaches for deploying threats, and manipulating users. Therefore, the cybersecurity attack surface is certain to expand, not contract. No-one in the cybersecurity ecosystem can stand on their laurels during an economic downturn. Cyberattacks have the potential to create monumental, well-documented economic damage that can exacerbate economic challenges in an already difficult financial environment.
Cybersecurity companies need to emphasize their proactive capabilities over the historic reactive element in these economic circumstances. If they position themselves as a critical, protective layer, it will go a long way to cementing the essential nature of their offerings. Simply talking about how they handle crises once they’ve begun is no longer good enough. Optimally, cybersecurity firms should emphasize how their offerings harness early threat intelligence signals and build defenses against them into their workflows and processes.
Democratizing Security Contributes to Cost Efficiencies
Another consideration for cybersecurity companies is the potential to increase democratization of security responsibility across customer and prospect organizations. Part of maximizing value involves security processes that focus on shared responsibilities, in which employees, R&D, DevOps, and IT are true partners and collaborators in protecting their organizations. An example of this is how security automation is now moving towards validating end users’ identities, and enabling them to have temporary security clearances to engage in system updates, credential retrieval, and remote access with dramatically minimized risk. This is enabled through integration across communications and project management tools, anchored by workflows that ensure accurate verification and access controls.
Cybersecurity companies also need to look at the security ecosystem as one that is interconnected, instead of being a siloed collection of point tools. Organizations are now demanding that previously-disparate security systems talk to each other. Platforms, applications, and tools must become interoperable and interconnected, for comprehensive management, monitoring, and measurement.
Vendors that listen to what organizations are looking for and calibrate their offerings to map to a holistic ecosystem view are the ones that are likely to have the most success in 2023 and beyond.
Geopolitical Strife is Another Key Factor
Another important contextual element that pairs with the macroeconomic situation is the geopolitical climate. The two are connected across multiple junctions. Cybersecurity companies must continue to push the envelope of their offerings to address the needs of organizations that exist within geopolitical difficulties. They need to make their offerings essential even during times of deep uncertainty and instability.
Without engaging in any vulture-like tactics, vendors must consider how customer priorities intersect at the nation-state level with companies operating in conflict zones. There are business opportunities available–ones that fundamentally positively contribute to resilience of both business and country. However, vendors need to carefully navigate through complexity and ensure their offerings and messages are accurately in tune with the difficulties the organizations are facing.
Taking a broader portfolio view focused on addressing critical customer challenges is key. Instead of looking inwards, cybersecurity companies must look outward and approach their markets with a view that’s sympathetic to what organizations are experiencing and adjust their strategies accordingly. So, indeed, while the macroeconomic climate is stormy, it is possible to chart a clear path forward beneficial to vendors and customers alike.
About the Author
Leonid Belkind is a co-founder and Chief Technology Officer at Torq, a no-code security automation platform. Prior to Torq, Leonid co-founded, and was CTO of Luminate Security, a pioneer in Zero Trust Network Access and Secure Access Services Edge, where he guided this enterprise-grade service from inception, to Fortune 500 adoption, to acquisition by Symantec. Before Luminate, Leonid managed engineering organizations at Check Point Software Technologies that delivered network, endpoint and data security products to the world’s largest organizations.