Cybersecurity CEO: How To Invest In Your Organization’s Technology Stack

August 14, 2019

People, process – then technology – will address the greatest challenges we all face in cybersecurity.

Robert Herjavec

Los Angeles, Calif. – Aug 14, 2019

Last week I sat down with Oliver Renick from TD Ameritrade’s Market On Close to talk about the state of the cybersecurity market. We covered cyber investments, acquisition activity, and innovation trends in endpoint and cloud.

The market shifts we discussed may impact how you choose to invest in your organization’s technology stack. It’s important to understand why some acquisition activity is happening, and identify which players are in it for the long haul.

As I said – never underestimate the need for a large corporation to make a dramatic move. With the recent Broadcom/Symantec acquisition we can anticipate synergies including organizational efficiencies, cross-account selling, and technology advancement through software development.

Symantec competes against CrowdstrikeCiscoPalo Alto NetworksMicrosoftZScaler and others in a very crowded endpoint market. We spoke a lot about Crowdstrike during the segment and yes I’m a fan, but even more importantly, I wanted to highlight how we’re seeing a resurgence in the endpoint space.

Over the last couple of years, we had moved away from the endpoint conversation and focused on Identity as the Perimeter. Don’t get me wrong – every organization needs an Identity Program and should develop an Identity Management Layer to support its data warehouse, privileged access policies, and overall workflow management. The important thing to remember is Identity is not mutually exclusive to the endpoint. It’s not one or the other.

Managed EDR (Endpoint Detection and Response) and MDR (Managed Detection and Response) services are hotter than ever. In my opinion, it’s coming down to the workflow orchestration required to support the 24/7 visibility enterprises are rightfully expecting today. Enhanced visibility leads to more changes, more configuration, more work, more discipline, more playbooks, more resources – you get the point. Basically, a combination of more people and process…

I make cyber investment decisions for our Herjavec Group portfolio the same way I encourage you all to think about your technology stack decisions in this space.

  • How significant is the addressable market for a given technology?
  • How quickly can the organization being evaluated grow and penetrate the market?
  • How disruptive is the technology?
  • How strong is the business operation in terms of revenue and profit growth?
  • How does the product change my business operations today?
    • Does it optimize my practice or protection in some way?
    • Does it reduce costs?
    • How is it changing the game for me?
  • How does the product impact my visibility and defense (proactive or reactive)?
    • Is it helping me mature against an industry framework for example?
    • What capability to I gain?
  • What support do I need (internal or third-party) to make the product successful?

Despite our conversation about “what’s old is new again” (yes I mean the endpoint), remember that the cybersecurity market is still in its infancy stage. Innovation is inevitable – and welcomed! You have to always keep in mind that no matter how you describe the latest cyber product offering – old, hot, sexy, flashy, innovative, disruptive — you get the idea — it doesn’t change that our cyber philosophy should always be People, Process, THEN technology. Yes in that order.

There’s an incredible re-alignment happening in our industry right now. Product companies are highly competitive, and each cyber market is getting more and more crowded. Don’t be fooled by all the noise.  No matter the product decision, you can’t eliminate the people and process side. Think –  People, Service Providers, Governance, Administration, Management, Testing, Assessments, Compliance.

I repeat PEOPLE, PROCESS – then technology are what will continue to address the greatest challenges we all face in cybersecurity.

The market complexity of new entrants, acquisitions and IPO activity isn’t going to slow anytime soon. I’d love to hear your thoughts as we continue this important conversation.

Check out the full segment for Market on Close from TD Ameritrade.

To Your Success,

Originally posted on cybersecurityceo.com


About Herjavec Group

Dynamic entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. We have been recognized as one of the world’s most innovative cybersecurity operations leaders, and excel in complex, multi-technology environments. Our service expertise includes Advisory Services, Technology Architecture & Implementation, Identity Services, Managed Security Services, Threat Management and Incident Response. Herjavec Group has offices and Security Operations Centers across the United States, United Kingdom and Canada.

Stay Informed

Follow us on Twitter

Connect with us on LinkedIn