Why cybersecurity wants an API-first mentality
As software eats the world, data is also stored along the way, hampering progress and innovation in the company. Cybersecurity is far behind other industries in adopting an API-first mentality and has finally reached a breaking point.
Last year research results were compiled in the Cloud Security Alliance Cloud based Smart ecosystems and the Ponemon Cyber Resilience Study state:
- Organizations use an average of 47 different cybersecurity solutions and technologies.
- 69% say that their security team currently spends more time managing security tools than effectively preventing threats
- 53% say their security team has reached a tipping point where the excessive number of security tools in place is affecting security.
The company’s demands for digital transformation combined with “unprecedented” venture capital investments in cybersecurity in recent years have sparked the perfect tool proliferation storm for the modern day enterprise cybersecurity leader.
Other key departments such as financial services, sales, and marketing technologies have certainly seen similar supply and demand. Why is corporate cybersecurity still so isolated?
[Read: How this company leveraged AI to become the Netflix of Finland]
A common explanation, especially at this time of year, is the hint the skills gap in cybersecurity. Every year a barrage of statistics comes out of the usual industry rags, and we collectively lament the lack of talent in the industry and the seemingly unstoppable growth in the number of cyber security vacancies. At the end of last year, ISC (2) put the number of vacancies at over 4 million for an industry with around 2 million professionals.
We seem to have gotten into a vicious circle of buying more tools to fill the void in people only to find we don’t have enough people to operate the tools. This is what Chase Cunningham and others would call a “self-licking ice cream cone of misery”.
After two decades of demo duels on the user interface on conference floors and the question of derivations, how I get alerted. Is it any wonder that too many user-dependent products create too many alerts? Do we have a skills gap or is it a data integration gap?
Is it possible in other industries for cybersecurity to be this unique? In other industries there is a product class that represents the adhesive for the tools or applications. We urgently lack these in cybersecurity.
Phantom Cyber and its fast followers were the first attempts at security. Like Zapier, these stand-alone orchestration platforms are useful for cybersecurity, but that is exactly what Dave McCombs is aiming for The data-centric revolution: Restoring corporate sanity would be known as “IFTTs” – they can mimic human behavior by sequencing automated actions through APIs. They are API-first, but lack the data awareness that is critical to success with integration and automation.
In other industries we have seen an increase in successful API-first companies that are also data-centric and relate to an architecture where data is the primary and lasting capital and applications (tools) can come and go. Unlike Zapier or Phantom, which use data as input and action as output, these data-centric API-first platforms essentially have data as input and data as output. By simply focusing on data transformation and normalization through a robust API, they bring integration, order and automated results to their industry.
Takeaways – How do I know if this is the right API-first product?
- language – Is it about the data? Or is it about the tool? Is this product trying to be the “one-ring-to-rule-for-all” weaving in words like “single pane of glass”? Or is it a decoder ring that allows you to merge data across your various products that are supposed to be a “single pane of glass”?
- Inputs outputs – – Data centered Workflows where data is the input and data is the output. Works off the shelf with your core to discover and respond to tools / apps and standalone orchestration tools.
- Business model – Not rated by the user, always a different lever, data processing unit or a different number of integrations.
And if you still can’t tell, get a product demo. If all of the demo is in the UI, the product isn’t the first API, requires human cycles to manage, and while it may add new functionality, it won’t add to other investments you’ve made or increase the efficiency of your stack.
This article was originally published by Patrick Coughlin on TechTalks, a publication that examines technology trends, how they affect the way we live and do business, and what problems they solve. But we also discuss the evil side of technology, the darker effects of new technology, and what to look out for. You can read the original article here.
Published on January 28, 2021 – 14:00 UTC