{"id":2652,"date":"2021-01-28T14:00:00","date_gmt":"2021-01-28T14:00:00","guid":{"rendered":"https:\/\/thenextweb.com\/?p=1335933"},"modified":"2021-01-28T14:00:00","modified_gmt":"2021-01-28T14:00:00","slug":"why-cybersecurity-needs-an-api-first-mentality","status":"publish","type":"post","link":"https:\/\/www.londonchiropracter.com\/?p=2652","title":{"rendered":"Why cybersecurity needs an API-first mentality"},"content":{"rendered":"\n<div><img decoding=\"async\" src=\"https:\/\/img-cdn.tnwcdn.com\/image\/neural?filter_last=1&amp;fit=1280%2C640&amp;url=https%3A%2F%2Fcdn0.tnwcdn.com%2Fwp-content%2Fblogs.dir%2F1%2Ffiles%2F2021%2F01%2F1-copy-58.jpg&amp;signature=0dea5b37767136fe3830cf005e682245\" class=\"ff-og-image-inserted\"><\/div>\n<p>While software is eating the world, it\u2019s also siloing data along the way, stifling progress and innovation in the enterprise. Cybersecurity is woefully behind other industries in embracing an API-first mentality, and it\u2019s finally reached a breaking point.<\/p>\n<p>In the last year, research compiled in the Cloud Security Alliance\u2019s on <span>Cloud-based<\/span>&nbsp;Intelligent Ecosystems and the Ponemon Cyber Resilience Study states:<\/p>\n<ul>\n<li>Enterprises deploy, on average, 47 different cybersecurity solutions and technologies.<\/li>\n<li>69% report their security team currently spends more time managing security tools than effectively defending against threats<\/li>\n<li>53% say their security team has reached a tipping point where the excessive number of security tools in place adversely impacts security posture.<\/li>\n<\/ul>\n<p>The enterprise demands from digital transformation combined with \u201cunprecedented levels\u201d of venture capital investment in cybersecurity over the last several years have created the perfect storm of tool proliferation for the modern enterprise cybersecurity leader.<\/p>\n<p>Other major departments, like financial services,&nbsp;sales, and marketing technologies have certainly seen similar levels of supply and demand, so why is enterprise cybersecurity still so siloed?<\/p>\n<p><em>[Read:&nbsp;<a class=\"c-link c-message_attachment__title_link\" href=\"https:\/\/thenextweb.com\/artificial-intelligence\/2021\/01\/21\/how-this-company-leveraged-ai-to-become-the-netflix-of-finland\/\" target=\"_blank\" rel=\"noreferrer noopener\" data-qa=\"message_attachment_title_link\"><span dir=\"auto\">How this company leveraged AI to become the Netflix of Finland<\/span><\/a>]<\/em><\/p>\n<p>One common explanation, particularly at this time of year, is to point to<span>&nbsp;<\/span><a href=\"https:\/\/bdtechtalks.com\/2016\/03\/15\/the-cybersecurity-talent-shortage-crisis\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">the skills gap in cybersecurity<\/a>. Every year, a barrage of statistics comes out from the usual industry rags, and we collectively lament the lack of talent in the industry and the seemingly unstoppable growth in the number of open positions in cybersecurity. Late last year, ISC(2) put the number of open positions at over 4 million for an industry with about 2 million professionals.<\/p>\n<p>We seem to be caught in a vicious cycle of buying more tools to cover the gap in people only to find we don\u2019t have enough people to operate the tools. This is what Chase Cunningham and others would call a \u201cself-licking ice cream cone of misery\u201d.<\/p>\n<p>After two decades of user interface demo duels on conference floors and asking derivatives of \u201chow do I get alerted?\u201d is it any wonder that we have too many user-dependent products creating too many alerts? Do we have a skills gap or is it a data integration gap?<\/p>\n<p>Looking at other industries, is it possible that cybersecurity is just so unique? In other industries, there is a class of products that are the glue for the tools or applications. In cybersecurity, we are desperately lacking in these.<\/p>\n<p>Phantom Cyber and its fast followers were the first forays into this in security. Like Zapier, these stand-alone cybersecurity \u2018Orchestration\u2019 platforms are useful, but they are what Dave McCombs in<span>&nbsp;<\/span><em>The Data-Centric Revolution: Restoring Sanity to the Enterprise<\/em>&nbsp;would call \u201cIFTTs\u201d \u2013 they can mimic human behavior by sequencing automated actions on top of APIs. They are API-first, but they lack a data-awareness that is critical for success in integration and automation.<\/p>\n<p>In other industries, we have seen a surge of successful API-first companies that are also data-centric, referring to an architecture where data is the primary and permanent asset, and applications (tools) may come and go. Unlike Zapier or Phantom which take data as an input and action as an output, at their core, these API-first data-centric platforms have data as an input and data as an output. And, by simply focusing on data transformation and normalization through a robust API, they bring integration, order, and automated outcomes to their industry.<\/p>\n<p>Takeaways \u2013 How do I know if it\u2019s the right API-first product?<\/p>\n<ul>\n<li>\n<strong>Language&nbsp;<\/strong>\u2013 Is it about the data? Or is it about the tool? Is this product trying to be the \u201cone-ring-to-rule-them-all\u201d weaving in words like \u201csingle pane of glass\u201d? Or is it a decoder ring to help stitch data across your various products claiming to be a \u201csingle pane of glass\u201d?<\/li>\n<li>\n<strong>Inputs &amp; Outputs<\/strong><span>&nbsp;<\/span>\u2013 <span>Data-centric<\/span>&nbsp;workflows where data is the input and data is the output. Will work off-the-shelf with your core detect and respond tools\/apps and stand-alone orchestration tools.<\/li>\n<li>\n<strong>Business Model<\/strong>&nbsp;\u2013 Not priced by the user, always a different lever, data processing units, or numbers of integrations.<\/li>\n<\/ul>\n<p>And, if you still can\u2019t tell, get a product demo, if the whole demo takes place in their UI, the product is not API first, will require human cycles to manage and while it may add new capability, it will not augment other investments you\u2019ve made or create efficiencies in your stack.<\/p>\n<p><i><span>This article was originally published by&nbsp;<em>Patrick Coughlin<\/em> on <\/span><\/i><a href=\"https:\/\/bdtechtalks.com\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\"><i><span>TechTalks<\/span><\/i><\/a><i><span>, a publication that examines trends in technology, how they affect the way we live and do business, and the problems they solve. But we also discuss the evil side of technology, the darker implications of new tech and what we need to look out for. You can read the original article <a href=\"https:\/\/bdtechtalks.com\/2021\/01\/24\/cybersecurity-tools-api\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">here<\/a>.<\/span><\/i><\/p>\n<p class=\"c-post-pubDate\"> Published January 28, 2021 \u2014 14:00 UTC <\/p>\n<p> <a href=\"https:\/\/thenextweb.com\/neural\/2021\/01\/28\/why-cybersecurity-needs-an-api-first-mentality-syndication\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>While software is eating the world, it\u2019s also siloing data along the way, stifling progress and innovation in the enterprise. Cybersecurity is woefully behind other industries in embracing an API-first mentality, and&#8230;<\/p>\n","protected":false},"author":1,"featured_media":2653,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/www.londonchiropracter.com\/index.php?rest_route=\/wp\/v2\/posts\/2652"}],"collection":[{"href":"https:\/\/www.londonchiropracter.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.londonchiropracter.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.londonchiropracter.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.londonchiropracter.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2652"}],"version-history":[{"count":0,"href":"https:\/\/www.londonchiropracter.com\/index.php?rest_route=\/wp\/v2\/posts\/2652\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.londonchiropracter.com\/index.php?rest_route=\/wp\/v2\/media\/2653"}],"wp:attachment":[{"href":"https:\/\/www.londonchiropracter.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2652"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.londonchiropracter.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2652"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.londonchiropracter.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2652"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}