When it comes to licensing cybersecurity solutions, organizations are often faced with a crucial decision: to opt for a “Best of Breed” solution or to seek out the “Best Fit” for their business requirements. Both approaches come with their own set of advantages and challenges, and this dilemma can become particularly contentious when considering solutions that require customization, configuration, and potentially excessive planning to implement. So, for simplicity's sake, let's delve into the intricacies of these two approaches only and explore how they should be applied to cybersecurity.
“The decision between Best of Breed and Best Fit solutions is not always a simple exercise. Organizations must grade and score innovation, specialization, customization, and support to determine the approach that best aligns with their business objectives, risk tolerance, and long-term costs.”
Morey Haber, Chief Security Advisor, BeyondTrust
Best of Breed
Best of Breed solutions are characterized by their excellence in a particular aspect, function, technology, or discipline. These solutions are often created by industry startups with creative resources and expertise dedicated to a specific cybersecurity domain, such as endpoint detection and response, identity security, or threat intelligence. However, there are edge cases where this is not always true, especially in existing or legacy markets. Organizations are drawn to Best of Breed solutions for their innovation, reliability, and vendor reputation as a dedicated solution and specific business investment.
When it comes to cybersecurity, Best of Breed solutions typically offer a targeted approach for a scope of threats and risk mitigation. These solutions are frequently at the forefront of change, incorporating the latest technologies, standards, and methodologies to stay ahead of cutting-edge threat actors. Moreover, they typically experience exponential adoption and ground themselves with case studies, testimonials, and thought leadership that creates a story around their best of breed solutions.
However, the allure of Best of Breed solutions can come at a cost. Customization and configuration to align with an organization’s unique business requirements can be complex, labor-intensive, or outright not supported at all. They are generally cookie-cutter deployments that scale fast but are rigid for unique business requirements. Integration with existing infrastructure may also pose compatibility challenges, especially for legacy environments, requiring other vendors to fill gaps for things like unique operating systems, legacy hardware, or custom-developed applications. Best of breed does not mean best of everything. It means it is the best for its designed scope but may not provide the coverage or compatibility for all organizations.
Best Fit
An alternative method for finding the best solution is based on suitability. Best Fit solutions prioritize alignment with the specific needs and environments of an organization. These solutions may come from any vendor — from the largest organization (secondary products) to the smallest niche vendors — in the cybersecurity market. While they may not boast the same level of recognition or diverse feature set as their Best of Breed counterparts, Best Fit solutions outrival their counterparts by addressing the precise requirements for their business.
Organizations typically choose Best Fit solutions because of their flexibility and adaptability for a specific use case or workflow. These solutions are tailored based on a known problem, specific vendor integration, or configuration that streamlines a user experience or overall sustainability. By selecting this type of solution for the organization’s potentially unique environment, businesses solve a problem without excessive overhead or heavyweight solutions, and with tooling that does not impede operational efficiency.
In addition, best fit solutions have some traits that are often overlooked during cybersecurity evaluations. Best fit vendors typically have a more personalized level of support and service since every client is crucial for their viability. With a focused customer base to manage, vendors of these solutions can afford to provide dedicated attention to their clients, offering timely assistance and guidance throughout the implementation and lifecycle of the solution, regardless of its complexity. This level of engagement can promote a mutual partnership leading to greater satisfaction and long-term success.
Best fit, however, does have some risks and concerns. If the vendors are truly small businesses, end users may experience their limited scalability, financial viability, dependency on a small number of employees for expertise, difficulty in hiring trained staff, and potential lack of comprehensive features compared to best of breed solutions. Organizations may find themselves exceeding the capabilities of a best fit solution as their needs change or as the threat landscape evolves with new attack vectors. Additionally, the relative obscurity of some best fit vendors may raise concerns about their long-term viability and supportability, and necessitate a careful evaluation and risk assessment.
Making the Decision
The decision between Best of Breed and Best Fit solutions is not always a simple exercise. Organizations must grade and score innovation, specialization, customization, and support to determine the approach that best aligns with their business objectives, risk tolerance, and long-term costs.
For organizations with strict security controls and a need for a diverse solution that can be adjusted for multiple use cases, best of breed solutions may offer the necessary breadth and depth of capabilities to adapt to a changing threat landscape. Despite the challenges associated with customization, configuration, and implementation, the long-term investment in best of breed solutions can be a demonstrable solution that mitigates a wide variety of attacks and issues, as a definable return on investment.
However, organizations operating in niche industries or facing unique security challenges based on tooling, workflows, operational technology, etc. may find that a best fit solution offers the personal support and elasticity required to address their specific concerns. While these solutions may not be household names or offer diverse feature sets like their counterparts, their ability to support an organization can provide invaluable advantages in the long run through support, roadmaps, and customization.
Your Choice
In fairness, there is no one-size-fits-all solution — ever. Best of Breed and Best Fit approaches each have their pros and cons, and the best choice depends on a multitude of factors, including organizational priorities, budget constraints, risk appetite, etc. Building an RFP (Request for Proposal) and a scoring mechanism for both is highly recommended to make the best decision for your organization.
In the end, the best decision requires striking a balance between innovation, feasibility, specialization, configuration, customization, supportability, and sustainability, to bridge the organization’s strategy to the best type of solution. By embracing diversity in cybersecurity solutions where an organization uses both types of solutions, and by adopting a pragmatic approach to decision-making, organizations can select the best cybersecurity solutions based on criteria versus vendor name and analyst reviews of big box brands.