Are the Worlds of Security and IT Merging?

The more integrated security becomes across IT and engineering, the better it is for all parties.

Grant Wernick
Sep 5 · 2 min read
Photo by John Lockwood on Unsplash

It’s a question many people are asking, following a flurry of M&A activity in the cybersecurity space. In just the first quarter of 2019 alone, there were $7 billion in cybersecurity deals, according to Cybersecurity Ventures.

In one of the wisest acquisitions we’ve seen recently, last week VMware announced plans to acquire the endpoint security company Carbon Black.

This acquisition is significant because of the scale of the players involved and the number of end-users it can reach. What really interests me is the signal an acquisition of this type sends to the market. On the surface, this appears to be a strategic move for VMware to build market share; however, acquiring this type of firm may be the new table stakes required for VMware to survive when competing with cloud-native platforms.

Baking in security tools people already use in their day-to-day into the infrastructure environments they are already on will have an inevitable effect of bringing IT and security into a closer working relationship. That’s a good thing. The more integrated security becomes across IT and engineering, the better it is for all parties. It will be interesting to see out other cloud vendors like AWS, Google, and Microsoft respond in the months ahead, in order to raise the bar on the respective security portfolios.

The larger industry takeaway is straightforward: Security is at the forefront of people’s minds and increasingly a C-suite and boardroom topic. That explains the M&A activity, as well as the proliferation of cybersecurity startups focused on ultra-niche problems.

There is a lot of talk about organizations migrating fully to the cloud and the need to secure the cloud. The reality is, we’re going to live in a hybrid-cloud world for at least the next decade. On-prem work isn’t going to disappear overnight. With its acquisition, VMware is demonstrating it is sending a clear signal that it’s time for IT, security, and engineering to start working closer together to solve the security challenges for today’s hybrid clouds.

This is progress for our industry. Infrastructure and security are becoming more intertwined, and the days of working in silos are coming to an end. Companies like VMware can help drive that change.

The changing of the old guard doesn’t mean roles will be eliminated; they will evolve. DevOps, security, and engineering all have a lot to look forward to in this new world, as cloud providers automate lower-level tasks and leave them with more complicated, rewarding work.