The cybersecurity threat landscape has grown far more dangerous in recent years. Criminal hackers are increasingly hijacking private data through ransomware attacks and other breaches, while nation-state actors are getting bolder in their efforts to inflict damage on rivals or steal intellectual property. As an example, Russia managed to infiltrate parts of the federal government’s email systems in 2020.
Adding to the risk is the accelerating trend of organizations moving their data and applications to the cloud. Faced with these threats, organizations need next-generation security options that can keep pace with hackers’ evolving capabilities. Fortunately, cybersecurity vendors are rising to the challenge by developing innovative solutions.
The cybersecurity industry is incredibly fragmented, with up to 3,000 different vendors according to some estimates. Within this group, security companies with cloud-first technology platforms are driving much of the industry innovation—and are well positioned to continue to drive strong growth.
As work moves to the cloud, security technologies follow
Traditional digital security was focused on protecting an organization’s client/server infrastructure. In recent years, the megatrend known as digital transformation has been creating demand for next-generation security tools, but urgency spiked when the COVID-19 pandemic forced organizations to put more of their workloads in the cloud.
Now, the top priority for most organizations is securing data, applications and devices in the new work-from-anywhere world. A CISO at Mizuho’s recent Cybersecurity Summit said he expects to have 50% or more of his company’s security technologies based in the cloud within the next 2-3 years—up from just 20%-25% today.
Critical links in the cloud security chain
Cloud security architecture is made up of several different technologies and sub-segments, allowing vendors to take different approaches to addressing organizations’ critical tasks and biggest security concerns.
CrowdStrike is one of the leading cloud-native vendors, because of its integrated and highly scalable platform that secures endpoints and cloud workloads. CrowdStrike also recently strengthened this platform with the acquisition of a private company, Humio, which provides real-time data analysis to help rapidly detect threats that may have infiltrated an organization.
Zscaler is another leading vendor, but its focus is more on the networking aspect of remote work and cloud computing. Zscaler’s technology turns regular internet connections into private and secure channels for employees to access web-based applications and services, as well as their companies’ internal data, servers and applications. Cloudflare is another networking-focused company with strong growth potential thanks to a viral adoption model and culture of innovation. By continually upgrading its platform and introducing new features/products, the company has been able to expand its deployments within companies and move customers into higher priced tiers.
A top priority for most organizations is employing identity and access management—a system that authenticates each user and restricts what data or applications they can use. By continually verifying whether a specific user is authorized to access different parts of an organization’s infrastructure, identity and access management helps prevent hackers from moving laterally through an organization if they have managed to compromise an employee’s login credentials. Okta was already a leader in the identity management space, but its position has grown stronger thanks to the company’s recent acquisition of Auth0, which provides tools for developers to build identity and access management into their own applications, web services and devices.
The strong platforms are poised to get stronger
With organizations’ increased focus on moving security technologies to the cloud, well-established cloud native or cloud-first vendors are in the best position to use their existing platforms to attract new customers and increase spending from existing ones. We expect to see leading vendors make more acquisitions of smaller players with strong technologies that solve certain pain points which, in turn, will help these vendors further strengthen their platforms and build market share.
Cybersecurity will remain akin to a cat-and-mouse game, with hackers developing new techniques that force organizations to react and evolve. But in that environment, vendors that offer flexible, scalable solutions that allow companies to move quickly—or even anticipate the next threat—will benefit from this growing demand.