The majority of companies (72%) rely on multi-vendor ecosystems despite the fact that such fragmented security solutions lead to operational and financial strains. Such findings were revealed in the recent Kaspersky’s research.
A study titled “Improving resilience: cybersecurity through system immunity,” conducted by Kaspersky, examined how organizations manage cybersecurity today, focusing on vendor fragmentation, operational inefficiencies and future consolidation plans. The survey was conducted across Russia, selected countries in Europe, Latin America, the Asia-Pacific region and the Middle East, Turkey and the Africa region.
This report provides a comprehensive analysis of the current state of cybersecurity management across organizations, highlighting significant challenges associated with multi-vendor security environments. The findings reveal that nearly half of security professionals (43%) find their security stacks to be overly complex and time-consuming to maintain, which hampers their ability to respond swiftly to emerging threats. This complexity often results from the use of multiple security solutions from different vendors, each with its own management interface and operational requirements.
Furthermore, 42% of organizations experience budget overruns attributable to overlapping solutions. These redundancies not only inflate costs but also complicate resource allocation and strategic planning. Compatibility issues exacerbate these difficulties as 41% of respondents indicate that they cannot automate security processes effectively because their tools lack proper integration, leading to manual interventions and increased chances of human error. Additionally, 39% struggle with inconsistent threat visibility, as data collected from various vendors often fails to correlate seamlessly, creating blind spots and reducing overall situational awareness.
Despite these persistent challenges, a majority of organizations continue to operate within multi-vendor environments—72% currently manage security across multiple providers. Interestingly, nearly half believe that a single cybersecurity provider could sufficiently meet all their needs, suggesting a recognition of the potential benefits of consolidation. However, only 28% have adopted a single-vendor approach in practice, reflecting a cautious approach driven by concerns over over-reliance on one supplier or the perceived risks associated with vendor lock-in.
The landscape is rapidly shifting toward consolidation: an overwhelming 86% of firms are actively moving in this direction, a third (33%) have already begun merging their security tools into unified platforms, while an additional 53% plan to do so within the next two years. This trend underscores a strategic shift toward simplifying cybersecurity operations, reducing costs, and achieving more effective threat management through integrated solutions. As organizations increasingly recognize the advantages of streamlined security architectures, the move toward vendor consolidation is poised to reshape the cybersecurity landscape in the near future.
“The data indicates that many organizations rely on multiple vendors by default, rather than through deliberate strategic planning. While diversification of security solutions can offer certain benefits, such as risk mitigation and coverage breadth, an unchecked increase in complexity often leads to significant resource drain and operational inefficiencies. Moreover, this complexity can create critical blind spots, making it harder to maintain comprehensive threat visibility and respond effectively to emerging risks. The emerging trend toward consolidation reflects a maturation in cybersecurity strategies, emphasizing the adoption of integrated platforms that streamline management, reduce manual effort, and enhance overall visibility into security posture,” said Ilya Markelov, Head of Unified Platform Product Line at Kaspersky.
To enable comprehensive protection of all business assets and processes, Kaspersky experts recommend to use centralized and automated solutions such as Kaspersky Next XDR Expert. By aggregating and correlating data from multiple sources in one place and using machine-learning technologies, this solution provides effective threat detection and fast automated response. Out-of-the-box integrations, automation features and case management help make infrastructure complexity much less of an issue.
