On one hand, software-as-a-service (SaaS) providers with a focus on security are tearing up the transaction market. The most recent one is described as the largest private equity deal in the cybersecurity industry, and the staggering amounts of money involved in this very hot market are raising eyebrows. In the ultimate validation, the category is getting its own spinoffs. That’s why we have security-as-a-service (the cringeworthy acronym is SECaaS), in which providers offer specialties around authentication, intrusion detection, penetration testing and more.
On the other hand, there’s the real world. Despite all the allocations and acquisitions, there’s definitely no shortage of cloud security breaches. The industry at large is so numb to these events that they now generate little attention. Does the Colonial Pipeline episode get more mindshare than SolarWinds, Mimecast and other big disasters from the recent past? If cybersecurity threats define the new normal, are technologies and business practices adapting appropriately? Either way, it seems apparent that every new episode of unauthorized access scares away security chiefs from endorsing greater cloud migration.