How Security Became a Pain in the Glass
It’s Wednesday at RSAC and I’m sitting down for my tenth briefing of the week with some friendly clients. One of them asks how the conference is going so far. “If someone says ‘single pane of glass’ one more time, I might throw them through one,” is my (probably too snarky) response.
I must have heard the phrase almost as many times as ‘platformization’ and ‘agentic AI’ in my meetings. Everyone is selling a single pane of glass, but few of them are offering an explanation for how we ended up juggling broken pieces in the first place.

To take a step back, when I look at the state of security today, it’s a mess. Few other industries as critical to the protection and prosperity of our society suffer from so many critical issues. We have no common structure or lifecycle management, and as much ambiguity as you could ask for. From hardware and software that’s 25+ years old to the lack of any requirement that vendors use common frameworks or schema, security teams are usually running so hard to keep up with a rapidly advancing and expanding threat that they don’t always notice vendors are building roads that don’t connect or take the straightest path to their destination.
I’ve spoken before about how venture capital and private equity firms created a silo farm, in that when investors are looking for ‘differentiation’ and intellectual property, there is little incentive to create shared knowledge or interoperable competing technologies. In the same way, many of the largest companies in security also became investors and acquirers, choosing to let young and scrappy startups do the hard work of innovation, then buying up the technology.
On our end, every research analyst wants to make a career by coining a new acronym to describe an emerging technology, resulting in ever-fragmenting technologies. On the vendor end, every product marketer is out there trying to make a career by creating a new product category. This results not only in frequent vendor-analyst mismatches, but also in an alphabet soup that almost no one wants to swim in, especially CISOs.
This soup eventually gets too cluttered and customers cry for simplification. Growth by acquisition has been the norm for years, but acquisition and integration are two very different things and legacy vendors have been lagging in the latter for a long time, relying on a front-end abstraction layer to ‘unify’ their tools.

Of all the companies I spoke to at RSAC, a grand total of ONE legacy company (over 10 years old) spoke about the backend of their platforms and the need for them to make sure the tools they bought are properly integrated into them (congrats, Cisco).
Are you really selling a platform if you bought a bunch of stuff that doesn’t really talk to each other and has to be configured in completely different ways for each data source and destination? A single pane of glass isn’t several things that need to be glued together before you can even think about looking through the window.
Absent a common schema (sorry OCSF, we’re not there yet), vendors, and eventually customers, end up with an enshittified platform experience (shout out Cory Doctorow).
If you can believe it, I have even worse news for legacy vendors. Many of the younger, faster-growing companies offering platform solutions ARE focused on the backend and vendor integration experience. New or legacy, platform vendors are dependent on partnerships and integrations, channel selling, and stickiness to sustain growth. Many big vendors make it difficult for a hot new vendor to integrate into the backend of their platform. Many hot new vendors have small teams, only capable of delivering a set number of integrations. If other vendors are making it easier to integrate and find a faster route to pipeline, those hot new vendors are going to choose the partner who makes it easy to deliver and maintain integrations.
I’ll get to writing about the specifics of RSAC’s common themes, but I want to make sure we acknowledge that the entire economic model for security needs an overhaul. Attackers share information, open source technology, and don’t wait for younger hackers to innovate for them. Until large companies do the same, we can’t look the other way as they hide the rocks and start gluing together their pane in the glass.