By Dmitry Netis, Managing Director and Jordan Rupar, Vice President at Q Advisors
Amid the unpredictable challenges of the past year, a growing importance has formed around the mission-critical nature of security in virtually every area of IT. Far outstripping any other enterprise IT budget item, cybersecurity has become the main priority as the global pandemic has changed how people live and work. Moreover, cybercriminal activity has accelerated at an alarming rate. With most attacks targeting identity and credentials, 2020 concluded with one of the most complex cyberattacks in recent history — the SolarWinds breach.
As we move further into 2021, we expect to see six cybersecurity themes emerge. These themes will have a profound impact on how enterprises address security moving forward.
1. Heightened M&A and Investment Activity
The cybersecurity problem is far from being solved with new threat vectors surfacing every day. Heightened demand for solutions will continue to drive investment and M&A activity by cloud providers and legacy security and IT vendors as buyers.
As security infrastructure becomes a growing concern, MSSPs are positioned to capitalize on the demand from secure connectivity services, including endpoint protection, access control, analytics, and security monitoring within distributed network environments. These providers will become active as both buyers and sellers on the M&A front. Organizations will be securing and protecting all software, regardless of where it is found. Because of this, hybrid and cloud security platforms will be a technology focus, and we will see acquisitions increase in both the traditional and cloud native realms.
2. Shift to Integrated Security Platforms, Cloud Native and DevSecOps
Enterprises are in the throes of vendor fatigue, seeking simplified security products. With concerns about time efficiency, business friction, and wasted resources, businesses will begin to integrate a rigorous security framework. A trend toward integrated security platforms versus best-in-breed solutions is picking up, driving continued consolidation across security, software development (DevOps) and IT infrastructure.
Moreover, in the wake of the SolarWinds breach, more enterprises will adopt Secure DevOps (DevSecOps) processes. DevSecOps assumes organizations will shift responsibility for application security to developers earlier in the software development process. Security in M&A activity will also coalesce around developer-first security platforms like Palo Alto's acquisition of Bridgecrew did earlier this year.
3. The Emergence of Secure Access Service Edge Due to Remote Work Shift
Chief Information Security Officers (CISOs) are increasingly implementing zero-trust network access (ZTNA) architectures across enterprise networks. Zero trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access.
As part of this ongoing ZTNA strategy (ZTNA), secure access service edge (SASE) – the convergence of SD-WAN and security offerings delivered to the edge – has emerged as a fast-growing solution. This was driven by the need for branch offices and remote workers to access networks in a secure, cost-effective manner while, at the same time, not degrading application performance. Reflecting the marriage of enterprise networks and cloud security, SASE replaces the enterprise perimeter as the secure point of access and defaults to the worker's identity, allowing the network to be accessible from any device or location.
With a geographically dispersed workforce, SASE will cause traditional managed network providers to embrace advanced security capabilities at a more rapid pace, and much of this adoption will be through M&A, which will ultimately redefine the enterprise network and cybersecurity landscape.
4. Growing Opportunities for MSPs and MSSPs
With the shift to the cloud, many security solutions are now being offered as-a-service, creating growing secular opportunities for MSPs and MSSPs. In fact, spending on security services is well-outpacing spending on security software, with four times more dollars directed to cybersecurity services than any other area of IT.
MSSPs are also advancing their offerings to address the full security lifecycle in order to increase relevance in the enterprise. As a result, several managed security specialists have embraced the latest technologies and tactics, including Managed SIEM Providers and Managed Detection and Response (MDR / SOAR) Providers. Traditional managed cloud service providers will also become security specialists by adding security, through acquisitions or partnerships, to their core cloud and IT infrastructure solutions. An example is Green Cloud Technologies' recent acquisition of Cascade Defense, a full-service MSSP, which further strengthened the company's security product portfolio.
5. Evolution to Active Endpoint Management with AI/Machine Learning
Endpoint security focuses on locking down endpoints to keep networks safe. While endpoint security has traditionally taken a reactionary approach to threats across devices, a preventative approach is needed to address cyberattacks. Endpoint detection and response (EDR) becomes the result —a subset of endpoint security technology that addresses the need for continuous monitoring and response to advanced threats.
The complexities around managing EDR environments will cause increasing adoption of AI tools while accelerating consolidation in the space. With the lack of cyber resources presenting a primary challenge to organizations, AI/ML technology will be crucial to automate security procedures as companies face a growing number of cyber threat incidents.
6. Network Identity as a New Security Standard
Identity and access management (IAM) is about managing the roles and access privileges of individual network users and the circumstances in which users are granted those privileges. These capabilities were vital this past year and will remain crucial moving forward.
The objective of IAM systems is one digital identity per individual. Once that digital identity is established, it must be maintained, modified and monitored throughout each user's access lifecycle. Strong authentication capabilities married to an identity-as-a-service make up key attributes for data loss prevention, managing digital risk, and setting up zero-trust network environments. Unique digital identities will continue to serve the enterprise network perimeter in a post-pandemic world, accelerating enterprise adoption and M&A activity across a multitude of identity platforms.
As we begin to recover from COVID-19, corporate networks will see a shift towards mobility-enabling services, and the mindset of enterprise security will evolve. The market's perception of security as an enabler of product differentiation and customer confidence will become clear. Whether viewed as a cost center or an enabler, this will become a strong indicator of the organization's ability to implement a successful security strategy.
About the Authors
Dmitry Netis brings 25 years of unique background that combines finance, venture investing, sell-side equity research, and operational industry experience across the TMT sector. He currently serves as Managing Director, Business Development at Q Advisors.
Jordan Rupar joined Q Advisors in 2012, and currently serves as Vice President. She has executed numerous mergers and acquisitions, equity financings and strategic advisory assignments for clients across the TMT industries.