Challenges with Vendor Sprawl and the Convergence of Network and Security

Hi, and welcome to Blue Waves webinar series. 

0:02
The current this webinar series is designed to provide the latest information on trends, IT trends specifically and the technologies that we use to help solve business challenges every day. 

0:14
Today we’re exploring the latest trends around vendor sprawl and the convergence of networking security. 

0:19
We invited Matt King, who is the Director of Managed Services at Crown Castle. 

0:23
And by the way, Crown Crown Castle provides wireless and fiber solutions in the United States. 

0:29
I’m Paul Starkey, I’m the director of technology supplier on programs over at the Blue Wave Technology Group. 

0:34
And today. 

0:34
Welcome, Matt. 

0:36
Appreciate you having me on, Paul. 

0:38
Yeah, we are so excited to have you here. 

0:40
So we’re going to dive right in, start covering some really good content. 

0:43
So first of all, you know, we we’ve all been through kind of almost like this once in a lifetime kind of thing. 

0:48
So there are many lingering effects from the pandemic driven with work policy changes, you know, just kind of the landscape change from even from what I’m used to when I was younger. 

1:00
But what challenges are you seeing this pose for customers and their environments? 

1:06
Yeah, there’s a lot. 

1:07
And obviously with change comes the necessity of people being more nimble, which is not always the case. 

1:14
The the first one that I see that it’s, it’s kind of a repeat thing over and over again is just headcount issues as as organizations kind of went through this ebb and flow of maybe maybe demand expanded or often times it contracted IT. 

1:29
Staffs were often times where cuts came from. 

1:32
And even as things kind of returned to quote UN quote normal, those Staffs never really fully recovered. 

1:39
And they may have seen themselves become more efficient and find a way to operate on more of a shoestring budget or with a smaller staff. 

1:47
And the rate of change is just, it’s compounding. 

1:51
Things are changing faster and faster and faster. 

1:53
They’re having a harder time keeping up and a harder time staying in front of all the challenges that do exist. 

1:59
And there’s just not the manpower usually at most of the people, most of the organizations we’re we’re contacting and being in front of. 

2:06
That’s a big one. 

2:06
I would say at the same time, too, there’s like a fundamental change in terms of how networks are kind of configured with people working out of the office during the pandemic more often, decentralized network designs weren’t optimal for managing security and for just handling the challenges that exist there. 

2:24
And there’s still this sort of push pull between centralized networks having to move to a more decentralized space with cloud applications, endpoint security changing, just even managing where the users are. 

2:35
There’s a lot of issues with that. 

2:36
And these challenges, as I was saying, they’re changing faster and faster all over time. 

2:42
Those challenges are compounded by the fact that you have fewer people to actually help with them and they’re so resource constrained that they’re focused on putting out fires and being reactionary. 

2:52
They can’t get ahead of the the issues. 

2:54
They can’t think farther in advance to kind of build a long term strategy. 

2:59
And I see a ton of demand for consultative services to help people see what everyone else is doing. 

3:06
What are the best practices? 

3:07
How do I get away from just reacting to every little thing that pops up? 

3:11
So what do you see some of the security challenges that you know, around these solutions and how are you helping your your customers address them? 

3:19
Yeah, I think the big one, I mean, you just think buzzwords that people will be throwing out there. 

3:24
ZTNA, you know, zero trust is, is a big one. 

3:28
And with either hybrid environments or fully remote environments, there’s a great window of opportunity to have conversations about SSE or Sassy with our customers just because managing VPN setups for brand new employees and kind of this influx or decrease of employees for organizations, that’s a pain in the **** and it doesn’t necessarily dovetail really nicely with other security postures that may be required. 

3:54
Also, tons of regulatory changes exist in multiple industries. 

3:58
You look at, you know, some of the DoD requirements for, for healthcare, if they’re working with, with, you know, public healthcare or you look at finance and endpoint requirements. 

4:08
There’s just a ton in the last year that’s changed. 

4:11
And all of these requirements mean new tools to try to, you know, adopt these postures that are required. 

4:17
The other challenge I see coming out of that is, OK, well, I need to be 0 trust, I’m going to do sassy. 

4:23
I’m going to buy from X vendor and I need to have endpoints. 

4:27
So I’m going to buy this and I have a SIM with this vendor. 

4:30
All of a sudden you’ve got like 6 interfaces, you’ve got 10 vendors. 

4:33
Vendor sprawl is a very real issue. 

4:35
People are struggling to keep up with it. 

4:38
They can’t even necessarily have enough time to respond to the internal IT issues they have already, let alone learn 4 new platforms. 

4:44
So I think having a single platform that can kind of holistically manage the network automates some of these responses. 

4:50
Actually use machine learning and AI, you know, a lot more buzzwords that are thrown out there. 

4:55
They don’t really help if it requires another platform to use rather than consolidating them. 

5:00
I, I see a huge demand for tools like that because these are very real issues that almost every organization we talked to are really struggling with, even like you’ve got, you know, network teams that are being thrust into security conversations. 

5:15
Not every organization has a chief security officer or even a SoC and asking IT Staffs that manage hardware and set up firewalls to figure out how to ingest log files into a SIM and automate responses. 

5:28
Like that’s a, that’s a huge ask and trying to hire people to come in for security incredibly difficult. 

5:36
They, they make a lot of money. 

5:37
It’s a big expense and the turnover rate is massive. 

5:41
Like you people don’t stick around because it’s, you know, pretty brutal job. 

5:46
So I, I see big demand on how do I automate some of those response actions? 

5:51
How do I offload some of these security functions? 

5:55
Because the liability of me trying to self manage that, you know, it’s not worth the impact of my job security if I’m a network administrator or a security administrator for an organization. 

6:04
So I see big demands for automation, for outsourcing and for kind of unifying tools into a single interface. 

6:11
I, I, I would see those are things people are clamoring for now. 

6:16
I agree. 

6:16
And you actually touched on this earlier, but the, if you, if you’re having to spend all your time focused on keeping the lights on, you’re not able to make those more strategic, you know, decisions and be able to kind of how do I help my organization grow in advance? 

6:31
So that’s, that was a good point to get earlier. 

6:35
What else do you see as far as changing in the future that’s going to impact buying habits of your customers? 

6:41
Yeah, I, I think the, the point I touched on briefly earlier, the difficulty in hiring, I think that will continue to get worse. 

6:50
You know, the the difficulty with hiring top end talent is very real and the risk of human error and self managing sock is only going to get more difficult. 

6:59
The attacks are becoming more sophisticated and oftentimes a lot of the attacks that are really, you know, you see in the the headlines, it’s not something that’s incredibly complex or some crazy thing. 

7:11
It’s just simple human error. 

7:12
And creating safeguards for that oftentimes doesn’t mean having more people to solve that or the amount of people you would need to solve it is so much more than what people estimate for that. 

7:25
I see a lot more movement towards automation and a lot more movement towards offloading security services. 

7:31
Most organizations we talked to, even larger organizations are looking at not having a single point of failure within the organization for SoC. 

7:40
So I think that’s a big one. 

7:42
I think they’ll be further decentralization of networks as well. 

7:46
You know that that may sound like, well, yeah, of course, you know, everything’s moving to the cloud. 

7:51
It has been for a decade. 

7:53
I I get that. 

7:53
But there’s still very big, expensive IT organizations within industries like healthcare that are still not fully decentralized. 

8:01
They’re still have centralized networks. 

8:03
They’re still hosting packs and some of their EHR stuff on, you know, self run servers. 

8:09
I see more of that moving to the cloud and there’s a trickle down impact, you know, because they they can’t have that in their own environment. 

8:16
They’re not filtering all their traffic through a centralized firewall. 

8:20
You know, they’ve got external users at different sites, you know, to stick with the healthcare example, the other, there’s massive consolidation in that industry. 

8:27
They’re bringing in health clinics and different sites. 

8:30
They’re going to have to figure out new ways of managing that. 

8:32
And it’s already forcing conversations to exist and change is difficult, but people are looking for, well, what did, what did this other organization do? 

8:42
What did this other company do to solve the problem? 

8:45
And I think we’re going to continue to see more of that, especially as compliance changes come up. 

8:52
You know, the, for public sector K through 12, you have the cybersecurity fund that’s going on right now to provide services for cybersecurity for the first time. 

9:02
That’s really just the the precursor to massive regulatory changes that are likely coming. 

9:07
And this is across every industry. 

9:09
So even if people are already anticipating it making, they’re going to be forced to move a lot faster than they think because there is going to continue to be more and more regulatory changes that will shift how network policies exist and the security posture that companies have. 

9:25
And that’s huge, huge opportunity for people that are consultants because people aren’t going to know what to do for the exact reasons we’ve outlined earlier. 

9:34
Well, Matt, thank you so much for joining us today. 

9:37
A lot of great information. 

9:38
We sincerely appreciate your time. 

9:40
Thank you. 

9:41
Thanks, Paul, thanks for having me. 

9:43
Hey, and thank you for watching. 

9:44
Have a great day.