Capturing the cybersecurity dividend

A new study from the IBM Institute for Business Value

Organizations around the globe are facing a pivotal moment in security—one that requires urgent action.

Digital connectivity expands attack surfaces and creates new vulnerabilities. Cyberattacks are becoming more sophisticated and harder to defend against. And AI is being used by both defenders and attackers, creating a race in cybersecurity capabilities.

Cybersecurity tools and solutions abound, most promising some sort of sea change. In reality though, many deliver only a ripple or, at best, a passing wave. Why? Complexity is getting in the way of results.

The cybersecurity landscape has always been a complex web of threats and countermeasures. But the proliferation of threats and the mind-boggling number of potential responses today is enough to rob a Chief Information Security Officer or Chief Technology Officer of some much-needed sleep. Organizations juggle an average of 83 different security solutions from 29 vendors. It’s unnecessary convolution and risk. More tools equal more threats; every integration is a potential point of entry for bad actors.

In today’s world, effective security requires platformization. Platformized organizations take 72 days less, on average, to detect a security incident and 84 days less to contain one. Consolidating multiple tools into a unified platform not only bolsters security posture, it also reduces costs and improves operational efficiency—two things any C-suite executive or business leader will welcome. And when it comes to AI, a platform approach best enables an organization to ingest and analyze data, and then deliver actionable insights.

Our roles give us an opportunity to engage with organizations from every industry and geography, providing us a view from the security mountaintop—and we see that waiting is a risky game. This isn’t just about future-proofing, it’s about safeguarding the present. Imagine security tools that harmonize seamlessly, sharing intelligence and automating responses at an unprecedented speed. This vision is already a reality for many organizations that have platformized their security since Palo Alto Networks introduced the concept one year ago.

Security platforms offer unparalleled visibility, strengthened defenses, improved costs, and efficiency—all leading to tangible business benefits. A robust, integrated security platform can be the shield that protects your organization’s reputation, customer trust, and bottom line.

In today’s AI-fueled world, strong partnerships are more essential than ever. The strategic partnership between IBM and Palo Alto Networks brings together leading security platform, AI, and transformation capabilities. Collaborating on this report, we have identified what it takes to successfully pivot to security platformization and what it can deliver for your organization. Together, we are unique in our ability to help you embrace this opportunity and be the best partners for you.

Mohamad Ali
Senior Vice President & Head, IBM Consulting

BJ Jenkins
President Palo Alto Networks

Key takeaways

Security fragmentation is now the unhappy norm.The average organization has 83 different security solutions from 29 vendors. A majority, 52%, of executives say complexity is the biggest impediment to security operations.

Security platforms bring faster response times and higher ROI. Platformized organizations take 72 days less, on average, to detect a security incident, and 84 days less to contain one. They also reap an average ROI of 101%, compared to 28% for those that are not yet embracing platformization.

Platformization moves the security function from “necessary cost” to value generator. 96% of security executives in our survey who have adopted platformization say security is a source of value, compared to just 8% of those who haven’t.