Cyber Security News / Security Leadership and Management

Boosting Cybersecurity Agility with Startups’ Innovation

Enterprise security professionals and risk officers today are faced with many daunting challenges. Not only do they have to keep up with dynamic and rapidly evolving threats intruding on their networks, but they also must make informed, intelligent decisions about how to spend their security budgets on solutions that can offer the best protection possible to minimize risk.

Today’s threat actors operate on a global scale, and their intelligence is crowdsourced to gain insight and speed over defenders and solution providers. The result is clear: weaknesses and workarounds appear within hours, days or weeks of a new security product or feature appearing in the market. In contrast, defenders typically operate in isolated silos with limited interaction between the frontline of innovation and the frontline of enterprise defense.

Enterprises struggling to improve their security posture must realize that their best defense today often won’t come from the larger, established players who have been around for decades. Rather, the most disruptive ideas and innovations will come from startup companies that offer a new way of thinking to solve these ever-evolving cyber threats.

So how can entrepreneurs of security startups with innovative ideas and budding technologies bring these solutions into the market to help the cybersecurity and even enterprise physical security community improve its defenses? Startups routinely struggle to gain the attention of enterprise Chief Risk Officers, Chief Information Security Officers and their teams. Bridging the chasm between innovators, operators, and stakeholders is critical to proactively addressing the increasingly aggressive and clever global threat-scape.

There is a huge opportunity to change the cyber battleground in which these startups out-think and out-innovate the threat actors. This requires the creation of pathways for innovators to test and temper their ideas with real customer challenges. First and foremost, the investment community must continue to put its dollars into the cybersecurity market. They should play a major role so that innovators can keep finding the financial support necessary to move quickly from proof-of-concept to generally available capabilities. It’s imperative that this kind of funding continue in this market.

The analyst community can help these startups in a major way to reach their potential customers since they have access to the enterprise security end users who want recommendations on which technologies to buy or purchase. Today, the analyst community is focused on the mainstream market of products and solutions in order to serve the needs of the customer majority for security products. However, it can take years for a fresh idea to reach the pages of industry analyses and reports. There is a major need and a market for a new type of analyst report that would encompass new innovations in a format like Gartner’s “Magic Quadrant” reports that would identify and help position and compare the freshest ideas coming from newer companies, especially those who are trying to create a new market.

Also, young companies and startups should not shoulder the economic burden of conducting this research and consuming analyst services on their own. Instead, the analyst and customer communities should consider it part of their cost of business to assist these startups in order to better their own services. The potential for positive impact is high in promoting significant acceleration of the innovation cycle that today stalls at the door of the customer community.

Moving forward, responsible enterprises must earmark and allocate a portion of their security budget to support the time and resources necessary to interact with emerging companies and accelerate the availability of new solutions in their existing resources of products and tools. While this may seem counterintuitive in the face of budgetary restraint, it will quickly become an investment whose return is realized in the form of reduced enterprise risk.

Only by accelerating innovation into the mainstream can we – as an ecosystem of innovators, operators, stakeholders and investors – begin to win the battle in cyberspace.

Did you enjoy this article? Click here to subscribe to Security Magazine. 

You must login or register in order to post a comment.



Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.


Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

September 2014

2014 September

In the September issue of Security Magazine, find out who this year's most influential people are in the security industry are. Also, take a peek at the technology products that ASIS 2014 will be showcasing at the upcoming event. Read about the lessons learned from security at the World Cup, find out why tactical medical training is a must for your enterprise and how Atlanta increased security by sharing surveillance.
Table Of Contents Subscribe

Adopting New Technology

How long do you wait before adopting a new technology?
View Results Poll Archive


CompTIA Security+ Certification Study Guide
CompTIA's Security+ certification is a globally-recognized, vendor neutral exam that has helped over 60,000 IT professionals reach further and higher in their careers. The current Security+ exam (SY0-201) focuses more on being able to deal with security issues rather than just identifying them.
More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to


Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+