New Cybersecurity Alliance Continues Trend of Industry Collaboration

For the cybersecurity industry, 2016 is shaping up to be the year of alliances.

There have been a series of tie-ups, as security-tech companies try to boost their businesses and amplify their products via acquisitions. IBM bought Resilient Systems, Cisco Systems snapped up CloudLock, Symantec acquired Blue Coat, and Carbon Black purchased Confer, to name a few.

But we’re also seeing more partnerships between security companies that aim to tie their product offerings more closely together, without going so far as combining their businesses. It’s an interesting tactic that seems unusual in a competitive business environment, but makes sense when considering the constantly expanding sea of cyber threats—and solutions—through which organizations must wade. Cyber industry alliances, the thinking goes, could make customers’ cyber defenses stronger and easier to manage.

The latest example is a new coalition formed by several security companies aimed at addressing data breaches. The “Connected Security Alliance” is led by Irvine, CA-based SecureAuth, which is joined by CyberArk (NASDAQ: CYBR), SailPoint Technologies, and Exabeam.

The announcement of the new group follows the April launch of the C³ Alliance, a collection of about 15 companies in cybersecurity, enterprise software, and other services who are integrating into their offerings more security measures for so-called “privileged accounts.” Such credentials enable access to an organization’s software systems for tasks like implementing updates or managing devices on the network. The C³ Alliance is led by CyberArk, and SecureAuth and SailPoint are also members of that group.

And in a smaller example last month, Boston-area cybersecurity competitors Digital Guardian and CounterTack teamed up to integrate their anti-malware products.

With the Connected Security Alliance, the four inaugural members are joining forces to help plug gaps in organizations’ cyber defenses. Many of the security products on the market today are geared toward solving specific problems, and often these “point products” don’t talk to each other. That means businesses, governments, and other organizations lack visibility across their software systems—leaving openings where attackers can “exploit the white space between security solutions,” the Connected Security Alliance said in a press release announcing its launch.

The alliance aims to address these challenges by not only better aligning security vendors, but also by creating a more connected security system for their customers. That means the vendors’ products are more seamlessly integrated, more data gets shared and analyzed in order to spot attacks sooner, identity authentication measures get boosted, and so on. That’s the goal, at least.

“We know our customers are managing multiple solutions and vendors. With increasingly sophisticated threats, we need to make it easier for security professionals protecting their environment—not more challenging,” said Mike Desai, SecureAuth’s senior vice president of business and corporate development, in the press release.

The alliance members’ products appear to have some overlap, but the companies see opportunities to leverage each other’s technologies in a complementary way. (For those who want to get into the weeds, you can read a deeper explanation here.)

SecureAuth and Austin, TX-based SailPoint both focus on identity and access security. CyberArk—based in Israel, with U.S. headquarters in Newton, MA—helps customers beef up privileged account security and thwart cyber attacks that have infiltrated an organization’s network. San Mateo, CA-based Exabeam aims to detect and assess potentially malicious activity on the network, while also providing information to help organizations respond to threats.

The alliance plans to add more members, according to the press release. Membership is by invitation only.

Trending on Xconomy