RSA Conference 2022 show floor
Photo: RSA Conference

There are too many security tools

Protocol Enterprise

Hello and welcome to Protocol Enterprise! Today: Why consolidation appears imminent for the cybersecurity industry, how GitHub is playing an important role in Microsoft’s developer strategy and the “rather absurd” discussion around that Google sentient AI thing.

Buyer’s market

For years, the cybersecurity industry has defied the forces of consolidation: For every security vendor that got acquired, several new ones would spring up. That's created a market with a whole lot of security vendors — arguably, too many.

Major cybersecurity firms haven't been aggressively snapping up venture-backed startups because valuations have been "unreasonable" for a while now, according to Zscaler Founder and CEO Jay Chaudhry.

  • Prices are now coming back down, though, amid the signs of a slowing economy and the dramatic reduction in public company valuations. That's creating an acquisition opportunity for larger players like Zscaler, Chaudhry said.
  • When it comes to M&A, "For us, now is the time to look," agreed Secureworks CEO Wendy Thomas.

Cybersecurity consolidation would also be welcome news for many customers, who've been grappling with "tool sprawl,” industry experts told Protocol.

  • "The market is crying out for it," said Ryan LaSalle, a senior managing director and head of the North America practice for consulting giant Accenture Security.
  • "Many of our clients talk about how many tools are in their portfolio — our back-of-the-envelope math is around 60 to 80 in a security architecture,” LaSalle said. “Some companies are as high as 140, which is an untenable amount of sprawl."

The complexity of configuring and using so many security tools is a huge problem for businesses, said Frank Dickson, group vice president for Security and Trust at IDC. In part, that’s because almost no one has enough skilled people to go around, he said.

  • Meanwhile, for CISOs and other buyers, "it's really hard to wade through all the marketing hype to find the things that really work," LaSalle said.
  • As a result, consolidation in security is practically "necessary” for businesses at this point, Dickson said. The various dynamics "almost mandate that we ask our security vendors to offer more comprehensive, integrated solutions, instead of offering best-of-breed point products," he said.

Read the full story here.

— Kyle Alspach (email | twitter)


Hybrid work success looks different depending on who you ask. Your company is made up of a cast of players, each with a role critical to a competitive and thriving business, and with an eye on their North Star: employee happiness. How do you appease all those stakeholders?

Learn more

Why Microsoft bought GitHub

Microsoft has a “huge opportunity” to marry its developer tools experience with its Azure business, riding the momentum that it’s built up with GitHub and Visual Studio, and introducing developers to what it can offer with its public cloud, according to Amanda Silver, corporate vice president of Product for Microsoft’s developer tools division.

“A developer is increasingly like being a systems integrator in that you are using all of these different services to assemble together into a single solution, and so one really amazing category of cloud infrastructure that we've been working on is called enterprise iPaaS,” Silver said this week during a Microsoft presentation on the “developer cloud.”

Enterprise iPaaS means integration platform as a service, Silver explained: Assemble all the different APIs that are available – those developed inside of a developer’s company, in the public market or by other developers – so developers can modernize their systems to more quickly create new applications, while having governance and compliance to ensure the right people are accessing the data to which an API has access.

Microsoft has lots of room for growth in moving developer workloads to the cloud and increasing its developer base, according to Silver.

“We have still a lot of room for growth in terms of bringing more Java developers onto our tools, Python developers, as well as data scientists, which is a new category that's adjacent to developers,” Silver said. “What we're seeing is that data is increasingly being used in the process of software development, and we have an opportunity to actually bring those into our developer environment as well and make that a part of the usual workflow.”

— Donna Goodison (email | twitter)

I’ll be your AI mirror

AI is not on the verge of sentience, said Oren Etzioni, founding CEO of Seattle’s Allen Institute for AI, a nonprofit he created along with Paul Allen, the late Microsoft co-founder.

“I think that's rather absurd,” Etzioni told Protocol on Thursday, referring to a Google engineer's contention that a Google language model has achieved human-like intelligence.

“These are just mirrors, OK? They take in these billions of sentences, they store a representation of them and their almost trillion parameters and then they mirror back what they see. And then a person looking in this mirror – and particularly a person posing intelligent questions or leading questions – can see glimmers of intelligence in the mirror. But all it is, is a mirror,” said Etzioni, who just announced his plan to leave his role with the institute, also known as AI2, in September.

Overstating the capabilities of AI is not good for the field, he said, alluding to OpenAI’s claims that it is moving toward artificial general intelligence. “Statements that they have something called pre-AGI, or pre-artificial general intelligence, are just kind of irresponsible PR.”

Etzioni declined to comment on his planned departure from AI2.

— Kate Kaye (email| twitter)

Around the enterprise

TikTok announced that it had moved all of its U.S. traffic to Oracle’s cloud services, almost two years after a debate over TikTok, Oracle and the Trump administration melted everyone’s brains.

The U.S. Department of Justice and several European law enforcement agenciesdisrupted a Russian botnet that had compromised more than 300,000 devices, they announced Friday.


Rightsizing, where each meeting space is outfitted for a specific purpose, is top of mind for facilities pros. Reconfiguring rooms to support new hybrid work schedules enables personalization and a safe return to the office. Understanding how employees will use spaces as they come back will be critical for success.

Learn more

Thanks for reading — Protocol is off Monday for Juneteenth — see you Tuesday!

Recent Issues