Why You Should Beware of “All-in-One” Cyber Platform Plays

All-in-one cybersecurity “platforms” that protect you from everything, eliminating the need for stand-alone “point” products — they sure sound like a great idea. They’re not. I’ll tell you why.

First, let me say that I understand the appeal. I have spoken with customers and surveyed the broader market, and I know that companies often find themselves supporting multiple security products in their software stacks. In fact, a recent survey we conducted revealed that many organizations have dozens of cybersecurity products running in their environments. Each product does slightly different things, protecting against slightly different threats, in slightly different ways.

Operationally, supporting all those applications can become a nightmare. Who wouldn’t want to round up all those single-purpose “point products” and replace them with one integrated platform that “does it all”? As enticing as an all-in-one cybersecurity platform sounds, it’s also just as elusive.

In fact, it doesn’t exist. It is smoke, and in the world of cybersecurity, it always will be.

Why Cybersecurity “Platform Plays” Eventually Fall Flat

As the CEO of one of the world’s most trusted and enduring brands in the security space, I get it. I understand why every one of our major competitors in the “next-gen” cybersecurity market has jumped on the “platform play” bandwagon. They point to incumbents that became de facto “standards” in their respective enterprise software niches, building themselves into monolithic platforms over decades.

But what looks like success to a software vendor and its investors doesn’t always spell success for the customer. Over time, those platforms begin to exert such a stranglehold on their customers, that it stifles competition and innovation. Eventually, those customers start to defect, and the wheels come off.

So while the single-platform premise can be powerful, and very persuasive, it ultimately leads to broken promises and disappointed customers. But there are other reasons why “all-in-one” platform plays don’t work out in the end — especially in the area of cybersecurity.

Unlike integrated platforms that support discrete functional areas of the enterprise, like sales automation/CRM or office productivity, cybersecurity is (or at least it should be) systemic throughout an organization. It must support and protect every function, application, device, and person operating in that environment. That’s too big a job for one provider, or one “platform.”

Optimal security requires a small, manageable set of complementary technologies to get the job done. Today’s attacks are infinitely variable in their approach and tactics, so we need to mirror some of that variability in our defenses. We need to take advantage of multiple high-performing security models — not just one — ideally sourced from multiple vendors with different codebases and technology approaches. The technologies should even have a little “overlap,” just enough to fill each other’s gaps, and perhaps even provide a bit of redundancy. Most importantly, we need to focus on optimized technology approaches that deliver the right balance of business risk and fail-safe capabilities for each organization.

Today’s informed security decision-makers know this. They are realists, and they recognize the consequences of trusting all their eggs to a single basket. And despite numerous vendors attempting to sell them on the benefits of their all-in-one, single-platform approaches, I have yet to meet a CISO who does not hedge their bets with at least a few additional security measures, sourced from multiple providers.

The fact is, no matter how robust or cost-effective these “platform plays” may appear, no single system — operating in isolation — is impenetrable. And the more ground they try to cover with an all-in-one approach that protects everything, the more gaps it will contain.

BlackBerry's Approach

At BlackBerry, we’re doing it differently. We always have. As the company that started out as “Research In Motion (RIM),” that heritage of innovation continues today, with over 1,400 patents granted in the past fiscal year alone. We are constantly seeking new, breakthrough capabilities to maintain our best-of-breed position in every market where we compete.

Our endpoint security solution is a prime example. We take a different approach that is heavily driven by our industry-leading artificial intelligence (AI) and machine learning (ML) capabilities. This can often complement existing deployed solutions, identifying attacks that would be missed by an all-in-one platform solution. Our contribution to a healthy, multivendor security stack relies on having best-in-class ML models, providing predictive AI that can identify zero-day threats years before they actually appear in the wild. We also offer a fully functional next-gen endpoint client with an extremely small footprint that provides superior protection — whether the endpoint is connected to the network or not.

To those who are tempted by the “platform plays,” we will be here to complement and fortify your security, whatever course you choose. We will continue to pursue our best-of-breed strategy, constantly innovating and enhancing our ability to augment and strengthen your security posture.

In my next blog, I’ll discuss other popular cybersecurity misconceptions.

About John Chen

John Chen is Executive Chairman of the Board and Chief Executive Officer of BlackBerry. Appointed in November 2013, John led BlackBerry’s turnaround stabilizing the company’s financial position, ensuring its viability, and pivoting its operations from consumer hardware to enterprise software. Today the company takes advantage of the current growth opportunities in IoT and Cybersecurity and is pioneering the convergence of these two markets.

John is a distinguished business leader and proven turnaround executive with over 40 years of engineering and management experience. Prior to joining BlackBerry, John served as Chairman and CEO of Sybase Inc. where he re-invented the company and achieved 55 consecutive quarters of profitability during his 15-year tenure.

Recognized as a thought leader and as a respected voice in foreign policy, John has testified before Congress on U.S.–China trade relations and was appointed by U.S. President George W. Bush to serve on the President's Export Council. In 2006, he was appointed co-chair of the Secure Borders and Open Doors Advisory Committee. Additionally, John chaired the U.S.-China Policy Advisory Roundtable for the Center for Strategic and International Studies (CSIS), served on the Board of the National Committee on U.S. China Relations since 2012, and has been a member of the Committee of 100 since 1997 and its Chairman from 2009-2011.

John graduated magna cum laude from Brown University with a bachelor's degree in electrical engineering and a master's in electrical engineering from the California Institute of Technology (Caltech). John has an honorary professorship from Shanghai University, and honorary doctorates from San Jose State University, City University of Hong Kong, and Hong Kong University of Science and Technology. John has received awards from the U.S.-Asia Institute, the U.S.-China Policy Foundation, the California-Asia Business Council, and the U.S.-Pan Asian American Chamber of Commerce Education Foundation.

John served on the Board of Directors for The Walt Disney Company (2004-2019) and Wells Fargo & Co. (2006-2018) and as a trustee of Caltech (2008-2022). John is an Advisory Board member of the US Chamber China Center. He is also active in the not-for-profit community, and is a board member of the National Committee on U.S.-China Relations, member of CFR, national trustee of The First Tee and Governor of the San Francisco Symphony.

Back