All the World’s a Platform
“All the world’s a stage, and all the men and women merely players.”
–Shakespeare, As You Like It
The word “platform” originates from the Old French term “plateforme,” meaning “flat form” or “flat shape.” Its first usage in English referenced a raised, flat surface or stage. As a metaphorical usage emerged, it encompassed everything from political and business platforms, to now, technology platforms. In these cases, the platform is the base upon which multiple, protean components – like actors in a stage play – perform their various roles.
After a quiet period in cybersecurity investment and consolidation – driven as much by overinvestment as by interest rates – the platform approach to growth is gaining favor. Managed Security Service Providers (MSSPs) are contending with the proliferation of technology platforms already fitted with a wider array of interoperable capabilities. This could disrupt MSSPs aligned exclusively with a specific stack of tools or those over-reliant on proprietary tools that don’t interact well with a range of technologies. However, the vendor platform approach provides flexibility, scalability, interoperability, and the promise of ease-of-use. With these many benefits, it’s little wonder the market is consolidating around select platforms.
Despite this drive toward greater efficiency, industry observers were recently reminded of the downside of a “single throat to choke” approach. CrowdStrike, a massive vendor platform integrated with Windows servers throughout the world, sent a flawed security update on Friday, July 19th. The ensuing shuttered flights, communications, payments, food services, and more were a result of an innocuous mistake that CrowdStrike fixed relatively quickly. However, the time and monetary damages it caused to enterprises worldwide demonstrate the hazards of a single point of failure, especially if a malevolent actor were to target these systems. While the platform approach offers cost and efficiency advantages, and perhaps even better general security, breaches can become significantly more catastrophic when they do occur.
As usual, the value of the platform approach is highly dependent on the flexibility and adaptability of the platform itself. One approach is a platform that can interface with many different “best-of-breed” tools, while layering the observability, automation, and performance management that allows a cybersecurity professional the capabilities needed without vendor lock-in. Another takes automation to the next level, with AI built-in to allow continuous improvement and enhanced performance. A combination of approaches may be needed eventually, but in any case, the platform approach will need to evolve to remain viable.
Shakespeare professed that on the world stage, “one man in his time plays many parts.” This is the dream of the platform approach – that it may encompass every function, as needed. Yet Shakespeare, ever watchful, noted the mighty can be brought down by inherent, tragic flaws. In the M&A realm, this means acquirers and investors paying closer attention to the quantity and quality of technology stacks utilized by MSSPs and other risk management services businesses, and adopting cyber insurance for potential pitfalls. Perhaps Shakespeare saw that while a man may be protean, a platform remains but a flat plane, useful but often unequal to the demands we place upon it.
Contact Jim
Managing Director, Clearsight Advisors
Washington, DC
jmccabe@clearsightadvisors.com
Share
