This article is part of our Conference Coverage: RSA 2017: Special conference coverage

Security platforms to disrupt industry, predicts Palo Alto Networks

Collaborative security platforms will enable developers to focus on innovation and force the security industry to change business models, predicts Palo Alto Networks

Security platforms with open application programming interfaces (APIs) are set to turn the business model for the information security on its head, according to Mark McLaughlin, president and CEO of Palo Alto Networks.

“We need a new model that will drive more innovation, value and encourage sharing of threat intelligence in highly automated ways, enable things to happen faster with less human intervention, be easier to deploy and have a lot more flexibility in the usage and consumption options,” he told the 2017 RSA Conference in San Francisco.

For such a security platform to work, McLaughlin said it would have to include sensors to get the data, the ability to enforce decisions reached on the basis of the data, be more focused on users rather than locations and it would have to be able to hold and consume a lot of data.

It would also have to include things such as machine learning and analytics, and it will have to be open from an API perspective, he added.

Once such security platforms are a reality, he predicts this will enable a lot of innovation because developers will be able to write for those platforms without having to do all the data collection, storage, integration and analysis for themselves.  

“This means users will be able to turn on or turn off hundreds of capabilities from hundreds of suppliers as and when they need to and only when they find value in it by using software as a service [SaaS] consumption models,” said McLaughlin.

“If we get to what I am talking about, probably the main measure of success will be that instead of people saying I have 90 different suppliers and I have to figure out what to do with all that from a complexity, consumption and cost perspective, those same people will be saying I have 400 security suppliers and I am fine with that.”

With innovation happening on top of a security platform, McLaughlin said organisations will be able to tap into all the security innovation they want or need without the complexity or cost associated with existing business models.

Similarly, developers will be able to innovate faster and at lower cost by exploiting all that the underlying security platform has to offer.

“This approach will drive a new concept of ecosystems around security that are going to be application developer ecosystems for things very smart people will do when they have all that data and analytics capability and the ability to enforce decisions. All they have to do is think about what the innovation around that is going to be,” he said.

Change in industry is ‘imminent’

According to McLaughlin, the likely consequence is that the business model of the security industry will get turned on its head.

“If the things I am talking about are accurate – and I think they are and that they are imminent because we have to get there out of necessity – a few things are going to change in our industry,” he said.

McLaughlin expects funding models to change dramatically. “There is going to be a lot of funding, but a lot less of the cost of funding will develop the innovation because not everybody has to be the platform. They will just have to innovate on top of a few security platforms to create very compelling ideas.”

He also expects to see distribution models change significantly form the present and past. “Distribution will be very easy. It will be software-driven and SaaS in nature,” he said.

“We are also going to see much more co-operation between security suppliers in terms of threat intelligence sharing because that will be the coin of the realm: what you can do with what you know. Not what you know, but what you can do with what you know, and that will be a significant change for the security industry and we are starting to see that already.”

Read more about innovation

McLaughlin cited the example of the Cyber Threat Alliance (CTA), a cross-industry initiative set up to foster the sharing of information about cyber security threats in an automated way by Palo Alto, Fortinet, Symantec and McAfee.

“This week at RSA Conference we were very happy to welcome as founding members Cisco and Check Point, which means we have all the major players in security now, but we encourage everybody else in the industry to join.

“The ultimate result of this is to have threat intelligence sharing among the security industry in a very automated fashion, which, along with software that has been contributed to this, creates an economy for threat intelligence sharing.

“That’s real and we are very happy to expand it with two newest founding members and to move it out of the nest into a non-profit entity, which is an example of what I am talking about as we rapidly move to new definitions of platforms that will be very disruptive in the consumption of innovation, which will drive further innovation,” he said.

Read more on Hackers and cybercrime prevention