HelpNetSecurity.com posted a rather provocative article recently that postulated that the reason why cybersecurity was failing is due to ineffective technology. Although we can see how many might consider this to be an accurate representation of the cybersecurity industry right now, we at Wedge would have to disagree on whether this is a completely accurate picture. Although there might be a lot of heavily marketed but ineffective technologies on the market right now, there are also several innovative companies whose technologies will potentially disrupt the industry and fix some of the failings that are evident out there.
The article and underlying report by DebateSecurity.com does touch on a few key ideas as to why the industry finds itself in this interesting case of misperception; such as efficacy issues (with many solutions not really performing as they are advertised), which leads to trust issues by CISO’s who buy a solution and then “cross their fingers and hope that the technology works”. The other key idea being that it is also an economics problem, with an “asymmetry between the parties that prevents buyers from effectively evaluating technology” and that it “incentivizes vendors to bring sub-optimal solutions to the market”. Apart from governments, very few buyers in the market have the ability to use detailed and independent cybersecurity efficacy assessments as part of their procurement process. For the most part it is because it takes time and resources to conduct assessments on several solutions to find the best one for the organization’s use case. As such, they often end up going with the solutions with the most advertised features or on the ones that have the best marketing, instead of putting the priority on the actual efficacy of the solution itself. Basically, buyers end up typically looking for the least expensive solution that can do the “most” for them. Because of the conflicting goals between the buyer and the seller, the “sub-optimal” solutions often end up being sold based on price or “advertised features”.
When it comes down to it, the unfortunate result of the long-standing disconnect between buyers and sellers in the cybersecurity space has resulted in the acceptance of ineffective technology as being “normal”. Companies / buyers will often only be able to perhaps try only a couple of solutions and then end up basically taking a risk on one of them; “hoping” that it actually works for their organization.
So, what are some of the suggestions that the article and the report make for solving this issue? There are four characteristics that have been broadly agreed upon as requirements for comprehensively defining cybersecurity technology efficacy. These are that the solution:
1. Must have the capability to deliver the stated security mission (fit-for-purpose)
2. Must have the practicality that enterprises need to implement, integrate, operate and maintain it (fit-for0use)
3. Must have the quality in design and build to avoid vulnerabilities and negative impacts
4. Must have its origins from a vendor company, its people and supply chain, such that no additional security risks are introduced.
The thought is that in order for changes to start happening to the cybersecurity industry, coordinated action between all stakeholders (buyers and sellers) would have to occur and that it might only be achieved through regulation. Several respondents to the DebateSecurity report stated that a transparent assessment of technology could help to solve what is essentially a breakdown in the market, and that setting standards on technology assessments, instead of the technology itself could help to prevent stifling innovation that might occur otherwise.
When it is all said and done, the big challenge for cybersecurity professionals is trying to select effective technologies for their organizations. Unfortunately, the pressure is on them to choose the right technologies with limited assessment resources, especially when buying the wrong solution may see them looking for employment elsewhere.
So, why does Wedge disagree with the overall premise of HelpNetSecurity’s article? Well, for one, we feel that we are one of those innovative companies whose technologies is seeking to disrupt the industry! We have patented technologies that have proven their effectiveness time and time again and we are starting to win converts with our Real-time Threat Prevention approach to cybersecurity. Unlike many of the larger solution providers who rely on the big marketing budgets to sell their products, Wedge has been quietly winning customers over with our innovative orchestrated threat management platform. We base our solution on our patented high performance SubSonic Engine and Deep Content Inspection technology that enables us to go further than other solutions by reassembling packets into their MIME objects so that we can “see” the intent of the content. Over the years, with our Open Service Bus, we have been able to take the best-of-breed security services on the market and run them on our high performance platform to offer the best of the best that is available. More recently, we have also incorporated automated and continuously learning AI / Machine Learning neural networks to help in the ongoing cybersecurity battle. This allows our Wedge Absolute Real-time Protection platform to now be able to even recognize zero-days and never-before-seen malware, blocking it in real-time! And, as new technologies are developed, we’ll continue to add them to our platform…
When it comes down to it, Wedge has always focused on creating highly effective cybersecurity technologies, right from the start. We have been and continue to be a company focused on innovation. That is why we feel that by painting the whole industry with the same brush and stating that it is failing because of ineffective technology does companies like ours, who are bringing innovative and effective solutions to the industry, a big disservice. Hopefully, the companies out there who are peddling ineffective solutions will soon be displaced by innovative solutions like ours. To find out more about some highly effective technology in the Cybersecurity industry, feel free to contact our team at: info@wedgenetworks.com.
