How Open XDR is Setting the Stage for the Future of Cybersecurity Channel

By Simon Godfrey, VP Sales Europe for Secureworks.

  • 1 year ago Posted in

The global cyber security market is projected to grow from $172.32 billion in 2023 to $424.97 billion in 2030. The rising threat of breaches, combined with increasing regulatory oversight and risk of fines is pushing cybersecurity further up the corporate agenda. Almost every IT stack has a cyber component now.

 

And we can see there is great optimism within the channel on the promise of cybersecurity. According to Canalys, 54% of channel partners expect double digit growth in their cybersecurity business in 2023, while over a quarter (27%) believe their cybersecurity business will grow more than 20%.

 

While cybersecurity presents a great opportunity for the channel, it is not an easy sell. Cybersecurity is complex, requiring increasingly hard to find specialist skills. Furthermore, cyber buyers are well informed. They have preferred technologies and complex organisational needs. And with budgets tightening, many CISOs need to do more with less.

 

The challenge for the channel is hitting the balance of helping customers effectively reduce risks with less expenditure, while still protecting margins. Could Open XDR hold the answer?

 

With threats on the rise, customers need a partner they can trust

 

As the complexity of IT increases, the attack surface widens. It’s harder than ever to defend against would be attackers. Exacerbating this problem is the lower barrier to entry for potential threat actors. Almost anyone with an internet connection and a bit of technical knowledge can just hop on the web and download a hacking kit. Customers really are getting hit from all sides.

 

In a bid to stay ahead of the threats investment in cybersecurity tools has increased. Often in a piecemeal and siloed approach, heading off one area of concern at a time. It isn’t uncommon for large organisations to have upwards of 50 cybersecurity tools in operation, often from dozens of vendors.  Add on top, not enough people then to monitor and maximise use of the tools purchased. With customers struggling to make the most of the investments they already have, it can be difficult to get them to consider new ways to improve their security posture.

 

This is where the channel can play a vital role in advising customers on new ways they can improve their security posture, while consolidating their environments and use of vendors. This is driving the need for Extended Detection and Response (XDR), offering a single platform for threat prevention, detection, and response.

 

The open or closed debate

 

The XDR market is now being valued at $1.4 billion, and estimated to register at a CAGR of 19% between 2023 and 2032. Why? Because XDR platforms can distil millions of security alerts across environments – from endpoints and emails to cloud – into just a handful of real threats requiring investigation. This holistic view helps to target resources in a more effective way, reducing complexity and giving security teams a more comprehensive view via a single platform.

 

But how can the channel select the right XDR platform for them and their customers with so many to choose from? Partners may be tempted to offer native (closed) XDR platforms designed as an all-in-one platform from a single vendor, that includes all native security controls monitoring network, endpoint, cloud, email and other business applications. While it is a platform, it is a single vendor approach for all telemetry. 

 

However, closed platforms of this kind are restrictive, limiting options for the channel to sell best-in-breed third-party solutions. And as CISOs are already likely to have invested in multiple security solutions, recommending an XDR platform which forces them to overhaul their entire stack is likely to hit with significant resistance. Not to mention, it restricts ability to make changes in the future as the business needs change. This closed approach also limits the channel’s ability to build trust with customers who may be better off with a best of breed solution for their specific security needs.

 

Open up to Open XDR

 

Open XDR platforms provide channel partners with the flexibility to create security bundles which incorporate their existing investments, or to fit in with their stack as an additional overlay. This also gives the channel the option of upselling by offering third-party integrations and automated playbooks to accelerate response actions.

 

In addition, as Open XDR platforms sit across the entire security infrastructure, they collect data on the effectiveness of those tools. Armed with this data, partners can have a deeper conversation about which investments have the most impact and where customers may want to improve. This will be particularly helpful with more cybersecurity mature organization, where you need to be able to provide them with value beyond selling them a license.

 

As a result, the channel can work with customers to create their own security ecosystems now and in the future, without being limited to one vendor or overhauling existing security solutions. This is not only a huge plus for the customer, but also gives channel partners an opportunity to gain trust and increase margins.

 

The future is open

 

In a difficult economic climate and a growing threat landscape, the channel can become a trusted partner to ensure businesses’ cybersecurity investments are both cost-effective and offer an extensible, approach to threat prevention, detection and response. By providing vendor-inclusive, open XDR platforms, channel partners will help deliver value that will see companies become safer and more secure, despite ongoing turbulence.

By Darren Thomson, Field CTO EMEAI, Commvault.
By Oliver Feiler, Head of Global Alliances and Strategic Partnerships EMEA, Nozomi Networks and...
By David Higgins, EMEA Technical Director at CyberArk.
By Manuel Sanchez, Information Security and Compliance Specialist, iManage.
Anita Mavridis, VP of Product at Zivver, and Sue Musumeci, Director of Quality & Clinical...
By Danny Lopez, CEO of Glasswall.
Nadir Izrael, Co-Founder and CTO at Armis discusses the importance of critical infrastructure...
By Darren Thomson, Field CTO EMEAI at Commvault.