Enterprise security professionals and risk officers today are faced with many daunting challenges. Not only do they have to keep up with dynamic and rapidly evolving threats intruding on their networks, but they also must make informed, intelligent decisions about how to spend their security budgets on solutions that can offer the best protection possible to minimize risk.
Today’s threat actors operate on a global scale, and their intelligence is crowdsourced to gain insight and speed over defenders and solution providers. The result is clear: weaknesses and workarounds appear within hours, days or weeks of a new security product or feature appearing in the market. In contrast, defenders typically operate in isolated silos with limited interaction between the frontline of innovation and the frontline of enterprise defense.
Enterprises struggling to improve their security posture must realize that their best defense today often won’t come from the larger, established players who have been around for decades. Rather, the most disruptive ideas and innovations will come from startup companies that offer a new way of thinking to solve these ever-evolving cyber threats.
So how can entrepreneurs of security startups with innovative ideas and budding technologies bring these solutions into the market to help the cybersecurity and even enterprise physical security community improve its defenses? Startups routinely struggle to gain the attention of enterprise Chief Risk Officers, Chief Information Security Officers and their teams. Bridging the chasm between innovators, operators, and stakeholders is critical to proactively addressing the increasingly aggressive and clever global threat-scape.
There is a huge opportunity to change the cyber battleground in which these startups out-think and out-innovate the threat actors. This requires the creation of pathways for innovators to test and temper their ideas with real customer challenges. First and foremost, the investment community must continue to put its dollars into the cybersecurity market. They should play a major role so that innovators can keep finding the financial support necessary to move quickly from proof-of-concept to generally available capabilities. It’s imperative that this kind of funding continue in this market.
The analyst community can help these startups in a major way to reach their potential customers since they have access to the enterprise security end users who want recommendations on which technologies to buy or purchase. Today, the analyst community is focused on the mainstream market of products and solutions in order to serve the needs of the customer majority for security products. However, it can take years for a fresh idea to reach the pages of industry analyses and reports. There is a major need and a market for a new type of analyst report that would encompass new innovations in a format like Gartner’s “Magic Quadrant” reports that would identify and help position and compare the freshest ideas coming from newer companies, especially those who are trying to create a new market.
Also, young companies and startups should not shoulder the economic burden of conducting this research and consuming analyst services on their own. Instead, the analyst and customer communities should consider it part of their cost of business to assist these startups in order to better their own services. The potential for positive impact is high in promoting significant acceleration of the innovation cycle that today stalls at the door of the customer community.
Moving forward, responsible enterprises must earmark and allocate a portion of their security budget to support the time and resources necessary to interact with emerging companies and accelerate the availability of new solutions in their existing resources of products and tools. While this may seem counterintuitive in the face of budgetary restraint, it will quickly become an investment whose return is realized in the form of reduced enterprise risk.
Only by accelerating innovation into the mainstream can we – as an ecosystem of innovators, operators, stakeholders and investors – begin to win the battle in cyberspace.