Why We Still Get Hacked: Security Experts Weigh In

HALF MOON BAY, Calif. -- Rutberg Future Mobile Conference -- There are hundreds of security startups. Billions of dollars of funding. Yet every day, there are major hacks. Is the security technology industry broken?

Irony alert: Many of the startups funded to fight the hackers say we are losing the security war. In a series of cybersecurity panels here, the discussion turned to what needs to change about security technology to increase the protection of IT assets.

"Most products are failing badly at their job," said Amir Ben-Afraim, CEO of venture-backed startup Menlo Security. "There is a lot of confusion and inefficacy in the market."

This seems to be the consensus from many quarters of the industry. Twenty-one percent of the IT, security, and executive management surveyed for our recent report, Endpoint Security and SysSecOps, said they were regularly failing at securing endpoints and system management.

So what's it take? The results from the Futuriom survey, as well as feedback from panelists here at the Rutberg conference, indicates that part of the solution is more integration and coordination between security products and teams. There are too many flashing red lights, and not enough automation and organizational processes to respond to all of the security alarms.

Nir Polak, Co-Founder and CEO of Exabeam -- and a serial security startup founder -- said there are two major trends holding back security technology. First, he said, there is not enough integration among security products enabling them to exchange data. "They're not speaking to each other."

The second challenge, said Polak, is most organizations are having trouble staffing security operations. There are a reported 2 million open security job reqs in the marketplace, said Polak. "There are not enough butts in seats and eyes on screens."

The answer, according to Polak, is more automation. The people have to be replaced with automated responses.

John Donnelly, a partner with Wing, a VC firm that invests in the security space, agrees that the lack of security expertise presses the need for more automation. "The lack of qualified sec ops candidates is forcing the enterprise to re examine process," said Donnelly. "Feed automation and strong case management are at the top of the list of priorities."

Futuriom research bears this out. In the survey results shown below, which had a total of 149 responses, 55 percent of respondents wanted better protection of endpoints, 38 percent seek consolidation of tools, and 30 percent are looking for more automation.

Q: Which of the following are your top security goals? (149 respondents; multiple choices allowed)

Security also needs to be integrated with other aspects of IT operations, such as corporate identity, says Mike Ellis, CEO of ForgeRock. Ellis points out that most corporate systems have separate and antiquated identity systems -- many of which could be integrated to give both customers and employees a better experience.

"Let's solve the corporate problems around digital interaction," said Ellis.

Stuart McClure, founder and CEO of security startup Cylance, told an audience in a cybersecurity session that most products are reactionary and that advanced machine-learning technology is needed to advanced the industry.

"Until the entire industry adopts model-building and machine learning, they will always be in reactionary mode. We are in the middle of this major revolution. WannaCry and a few others are going to change that."

McClure also reiterated that more cooperation in the industry could be helpful.

"The thing I really hate is that everybody just tears everybody else apart," said McClure, referring to security companies attacking each other. "If we spent 10 percent of this energy and putting it into technology we wouldn't be in the situation we are in."

So where does it all lead? The flood of new security products may not be helping, because security operations specialists say they are overwhelmed by the time it takes evaluate products. Enterprises are being pitched every day. The security bubble shows no sign of slowing down -- with billions flowing into the space. As we reported here, there were some $400 million in deals just last week. A recent survey of the landscape yielded more than 500 security startups.

The next wave in security is probably around integration and orchestration of security tools, as Polak has pointed out. Integrating security tools is a major goal of the trend that Futuriom has described as SysSecOps -- tying together security operations tools and systems management tools -- which can have beneficial effects in securing the enterprise.

For more information on trends in endpoint security and SysSecOps, read our new report -- Endpoint Security and SysSecOps: The Growing Trend to Build a More Secure Enterprise. The download is totally free (registration required).