Tech sprawl emulates the snake game
Who remembers the snake game?
For anyone, like me, who spent – ok wasted – a lot of time on newfangled beige boxes in the early ’80s (mine was an Apple IIe if I’m not mistaken) or on fancy “new” Nokia cell phones, a few years later, the image of the snake in the snake game should be as familiar as a “nutritious” breakfast of sugar, food coloring, and milk.
And for those of you who aren’t quite old enough to need progressive eyeglasses just yet, let me explain: The snake game featured, well, a very simple digital representation of a snake, which went along happily eating apples (good) and grew longer and longer (bad) making it less agile and harder to maneuver, while moving ever faster.
A parable for our times
For today’s CTOs, the business analogy is an easy one, with a twist. As your enterprise has grown and added more and more point solutions to handle your key business needs – and to combat bad actors, threats, and vulnerabilities – your environment, like that ever-growing snake, has become bigger and bigger, and harder to manage.
But unlike the snake, which just got faster as it got longer, in the real world, as it grows (and grows), your environment has gotten far slower and less agile.
In tech, innovation (or apple eating) doesn’t stop, so the tech snake itself gets larger and larger. And in cyber security, as in most fields, despite all your time and labor spent planning, purchasing, implementing, and coordinating security solutions, the uncomfortable truth is that increased complexity almost always leads to increased friction, slower response times, and, in many cases, increased vulnerability – the exact opposite results you were looking for.
You’re almost never at the head of the snake
And even if you’re vetting, purchasing, and deploying the very latest, most sophisticated technology available, here’s the thing: The snake never stops moving, and as the industry keeps innovating, your sparkly new technology suddenly isn’t the latest anymore, and you start moving back towards the rear of an ever-growing snake.
This makes your purchasing decisions even harder. When do you pull the trigger? Do you buy now, or wait another few months to see what’s changed?
Buy the right tech, at the right time
A friend of mine was famous for always buying his next Mac JUST before the new ones came out. He’d only buy a new computer once every five or so years and somehow, he had the unhappy knack of timing it so that that shiny new machine was always immediately out of date.
The same concept is true of tech in general. Take email security for example. For the longest time, gateway products were the state of the art (or the head of the snake, if you will). A gateway product would screen all inbound email for an organization before it hits their email servers. This approach goes back to well before company email was cloud hosted and continued to be the de facto solution as email services began their natural evolution to the cloud.
Yet, the technology snake munches on, and suddenly, your gateway, and the gateway tech itself, gets pushed backward in the stack, and today’s innovation quickly becomes tomorrow’s technical debt.
Clearly, the modern approach to email security goes well beyond a gateway. We’re now leveraging cloud email APIs and other advances to be able to identify an attack that was missed at any point in the message delivery process. This also allows us to trace any potential impact that nefarious email may have wrought.
The analogy similarly extends to the secure access service edge (SASE) space. In the past, each enterprise had a wide array of technologies covering authentication, authorization, DLP, CASB, et al. These approaches evolved relatively independently of each other. So chomp chomp chomp, the snake has gotten even longer and buyers owning those solutions now find themselves further behind the front of the snake as newer technologies demonstrate greater value and agility through intentionally integrated approaches.
Well, how do you go about buying tech then?
Put another way, how do we take short term advances and turn them into longer term gains?
I find it helps to identify the small number of existentially important factors that your specific business relies on as competitive advantages. Which technologies directly support those advantages? How do changes in those technologies translate into results and impact? This should net you a short list of tools, which will itself cut out a considerable amount of noise.
From there, leaders can rely on the fact that although tech continually disrupts itself, it also tends to consolidate as it matures.
And speaking of consolidation, most modern businesses agree that the age of the point product has passed and the age of the platform has arrived. De-emphasizing disparate point products in favor of a platform where the different tools and functionalities have been carefully engineered to work seamlessly together is definitely the right path. And if your platform, and its component pieces have been designed for extensibility deep into the future, this will save you and your team's time, effort, swivel chair gaskets, and labor.
And while expecting a single platform to do everything your organization needs may not be realistic, knowing that most businesses have their own bespoke workflows and processes in place; it’s still an excellent model, and goal, to strive for. The fewer the pieces, and the more natively engineered and integrated your platform solutions are, the more seamlessly they’ll work together, and the easier they’ll be to manage.
Then add AI to the mix
Things get even more complicated when we introduce AI into the picture. With so many different APIs and technologies, CTOs are asking themselves “How do we adopt AI and how will it work with all of our different solutions and technologies that we've added over the years? And while we’re here, what are they actually doing with my data? How do I know that they're not using my data to train their model?” Clearly, the regulatory world has trailed global AI adoption, leaving many CTOs feeling like they have to fend for themselves in a Wild West-style AI landscape (is that a vintage cowboy hat on that snake?)
The explosion of AI today is a bit like the early days of computers in the 1970’s and 80’s. In those days, while young me was feeding a digital snake apples until it nearly filled its tiny black-and-white screen, businesses were clamoring to install computers so they wouldn’t get left behind. But there wasn’t a great sense of HOW these miracle devices were going to make their workplaces more efficient and productive. Sound familiar? The same can be said for AI today. No one wants to be left behind or out innovated by not adopting AI, but many companies are still looking for advice or the right know-how to help them incorporate AI intentionally and effectively into their technology stack and organizational strategy.
Adopting AI for AI’s sake, or because you don’t want to get left behind, is a flawed plan, but purposefully adding it to, say, a customer service company can quickly return efficiencies and savings. The right AI implementation across their tech platform can help them deploy, for example, the right-sized truck to solve a specific customer’s problem, then feed the intel from the AI agent to the dispatching system to the customer, so that the right technician with the right experience and the right parts and tools is sent out on the job, and is prepped for success.
Simplify, simplify, simplify
So, what’s my recommendation? I think the way forward is to simplify. Simplification will be an increasingly large part of the organizational strategy going forward and while we can expect capitalist market forces to take care of this to some degree through partnerships and acquisitions, the sad truth is that all technologies aren’t the same. And while we may not have built every single piece of our platform ecosystem to cover every possible capability, Cloudflare shines in our ability to seamlessly integrate all of the technology together into our platform. This creates simplicity, and simplicity is both strong and effective.
Today, the way to achieve simplification is to adopt a consolidated platform approach, where the tools you and your teams use every day have been natively designed to work together, making it easier for disparate teams within the organization to easily collaborate with each other either physically or virtually.
And the downside? Well, change itself isn’t free. It can take time and planning. But a system that’s simple and integrated with a smaller attack surface will definitely be worth it in the long run. Will you need to run multiple providers for a moment? Probably. But the real question to ask yourself is, “How far am I willing to go to achieve simplicity?” Having your teams managing multiple point solutions increases inefficiency and the amount of compartmentalized knowledge. I probably don’t have to tell you that a cobbled-together security environment becomes increasingly unwieldy to operate and your security folks will wind up dragging an ever-growing, increasingly heavy virtual snake behind them at every turn.
Most modern organizations need their vendors to be more than sellers: to serve as an extension of their organization, and to be more like business partners and advisors.
As new capabilities are developed, a major selling point will continue to be the ability to integrate those new capabilities intentionally as seamlessly as possible into your existing environment. This is one of the main differentiators for us, as unlike many of our competitors, we’ve taken the time to design all of our tools to work seamlessly together. Our customers realize that the Cloudflare whole is greater than the sum of its parts.
At Cloudflare, we think of ourselves as a consulting partner to our customers to ensure that they’re getting truly customized and tailored service to help them benefit from our products because we know that what we’re selling not only works really well and brings value to our customers, but is very straightforward to implement and can be trusted to work together well into the future.
This article is part of a series on the latest trends and topics impacting today’s technology decision-makers.
Dive deeper into this topic.
Learn more about how a new type of cloud can tame IT and security complexity in the Forrester research paper, Regaining control with a connectivity cloud.
Get the research!Author
Mike Hamilton – @mike-hamilton-us
CIO, Cloudflare
Key takeaways
After reading this article you will be able to understand:
The vicious cycle that point products have created
How to trade complexity for simplification
The role of seamless integration in a secure future