Cloud security market consolidation is off to a strong start in 2024.
January 9th, Privileged Access Management Company Delinea announces acquisition of Automizeis a maker of tools to detect and respond to identity-based threats in the cloud.Last week on January 3rd, Integrated Enterprise Security Company SentinelOne reveals it has acquired PingSafe and leverage the company’s Cloud Native Application Protection Platform (CNAPP) to power its cloud services.
Also on January 3rd, SonicWall Announces Acquisition of Banyan SecuritySonicWall President and CEO Bob VanKirk said in a statement announcing the acquisition that the company is a maker of zero trust cloud solutions and aims to combat threats in the cloud space. Stated.
“Cybersecurity focus is shifting to more dynamic solutions that can adapt to the evolving threat landscape of the cloud era,” VanKirk said in a statement. “For many years, firewalls have been the cornerstone of cybersecurity defenses. However, with the rise of cloud computing and secure access service edge (SASE), the industry is shifting its focus to a more comprehensive and flexible approach.”
As businesses continue to move their operational infrastructure to cloud services and platforms, they are increasing their focus on both the security of that infrastructure and the threats targeting cloud-native operations, said Charles Winkles, senior director analyst at business intelligence firm Gartner. He says he wants to visualize things better.
“We’re seeing organizations that have moved to the cloud and not really been aware of it from a security standpoint, and now they’re trying to address it because the business side was doing it,” he said. says. “So this tool is becoming increasingly important again.”
As the demand for better cloud security increases, security companies are increasing their focus on two key areas: products and services that support Zero Trust security architectures, and products that strongly leverage machine learning and artificial intelligence. We are looking at integrations to enhance our product.
Zero Trust is No.1
SentinelOne’s acquisition of PingSafe is not the first deal focused on zero trust. In 2022, the company will Acquired Ativo Networks Add identity threat detection and response technology. This helps mitigate a critical threat in cloud infrastructure: attackers with legitimate credentials.
Other companies are also focusing on strengthening zero trust authentication. Cisco acquires Isovalent In December, it acquired the company to improve visibility and protection of cloud workloads, and in March, it acquired Lightspin to strengthen its cloud security offerings.
Jim Reavis, CEO and co-founder of the Cloud Security Alliance, said enterprises are moving to zero trust capabilities across cloud security and are looking to strategic partners to deliver those solutions.
“When business consumers make the leap to a cloud-first strategy, they typically choose a strategic technology partner,” he says. “As their needs grew, they asked strategic partners to expand their services, often requiring M&A.”
Gartner’s Winkless said a crowded cloud security market and economic concerns may be giving many startups a shorter runway to financial break-even, with a growth mindset giving way to consolidation. He said that he is becoming increasingly concerned about the possibility of this happening.
“There are so many vendors out there, and it’s probably at a time when economic conditions aren’t as great to buy products,” he says. “Venture capital investment is definitely trending down a bit, so some of these companies will need to be acquired to continue to be funded.”
AI rescue
Enterprises are looking to vendors to provide AI capabilities that improve operational asset visibility, threat identification, and incident response efficiency. Naturally, vendors are looking for ways to provide these benefits.
According to CSA’s Reavis, while zero trust capabilities are most sought after, enterprises also don’t want to be left behind in the race to adopt AI to reap the benefits of cloud security. Over the past year, companies have focused on effective ways to apply AI to cloud security, he says.
“The biggest area of inquiries we receive is around generative AI and what we see as ‘co-piloting’ of cybersecurity solutions,” he says.
In December, CSA launched an AI safety initiative to ensure processes do not compromise cloud security.
This trend will continue in 2024, with companies going beyond promises and looking for practical ways to apply AI to cloud security, said CEO of Kquika, a data analytics startup focused on the aviation and travel sectors. said Victor Oribamise.
“We expect to see increased adoption of AI and machine learning (ML) for threat detection, incident response, and anomaly identification,” he says. “These tools help sift through the noise to identify the real threats, freeing up human analysts for more strategic tasks.”
Companies integrating for the long term
CSA’s Reavis says the decision between adopting the “best of” technology or a tightly integrated “good enough” solution is always on the minds of businesses. But the simplification of cloud security stacks is secondary to the consolidation seen in today’s market, he says.
“Right before and during the pandemic, there was a significant influx of capital into cloud-native security solutions,” Reavis said. “Investors were fundamentally betting on the security of the cloud, and capital markets started to tighten in mid-2022, driving a natural consolidation cycle.”
Gartner’s Winckless said the integration is not about creating a single cloud security provider for enterprise needs, but rather about simplifying operations and improving visibility and detection capabilities. states.
“Actually, that’s not the case. [businesses] “We would like to work with a single vendor, but if we do, there are clearly some candidates who are doing very well in this space,” he says. “I think organizations are looking for a set of integrated platforms that span multiple domains” with better visibility and more consistent security. ”
Whether recent acquisitions lead to more comprehensive and integrated security will depend on how well cloud security providers such as SentinelOne, SonicWall and Delinea are able to address recent acquisitions, he added.