Major Data Security ‘Convergence’ On Tap For 2025: Solution Providers

Solution provider executives tell CRN they’re seeing a critical need for complete data security offerings in the era of AI-related data exposure and other risks.

Solution providers are finding a critical — and so far, not fully met — need for consolidated data security platforms in the era of AI-related data exposure and other risks, solution provider executives told CRN.

Similar to what has happened in the cloud security market, data security capabilities are beginning to see a significant “convergence” that will likely only ramp up in 2025, according to Stratascale’s Justin Flynn.

Without a doubt, there’s a growing need to ensure that data—especially the data leveraged by AI models—is protected from breaches as well as misuse, said Flynn, senior director for cybersecurity professional services at Stratascale, a subsidiary of Somerset, N.J.-based SHI International, No. 13 on CRN’s Solution Provider 500 for 2024.

To do so effectively entails everything from data discovery and classification to “making sure that only certain people have access to the right types of data, including the AI models,” Flynn said.

This also means ensuring that AI is “not picking up on the wrong things or putting together analytics on things it shouldn’t,” he said. “I think that's going to be the thing for next year — not just protecting against data breaches, but [against] data within an organization being accessed in the wrong ways.”

Ultimately, a “bunch of these point products are converging into platforms,” Flynn said. “That’s what I'm interested to watch for next year.”

Data Security Roadmaps

Optiv’s Max Shier said he is similarly expecting greater consolidation and convergence in the industry when it comes to data security tools.

“There is going to be a convergence of those tools and capabilities,” said Shier, CISO at Denver-based Optiv, No. 25 on CRN’s Solution Provider 500 for 2024.

In data security, many vendors currently have their own niche, often based upon what segment of the industry or IT environment they focused on. But “they all have roadmap items that close the gaps on where they're lacking,” Shier said.

For instance, when it comes to the fast-growing segment of data security posture management (DSPM) — provides visibility into the locations and security of data stored in an organization’s cloud environments — it’s still not the complete answer for protecting data, he said.

“It does not have all the capabilities across all the data stores,” Shier said. “You're still going to have to cover the gaps until those roadmap items get closed next year. And I will say, for the majority of them, 2025 is where they're going to start closing the gaps on capabilities like that. So you're going to see them mature significantly.”

At this point, doing so is not really an option. “It’s forced [to happen] because of the AI aspects of things — and the fact that data protection and privacy, and being able to understand if you have a material breach, is now becoming a serious focus. It’s a requirement now,” he said. “If you can't speak to the SEC about whether or not something is material, quickly, you're going to have issues. And you can't do that really, unless you have a DSPM solution.”

Steve Stumpfl, executive vice president of sales at Irvine, Calif.-based Tevora, said his company is among those finding surging demand from customers to assist with data security issues in order to lay the groundwork for AI initiatives.

As part of planning for 2025, “we’re narrowing down on what are the three or four big movers for our client,” Stumpfl said. “And I think DSPM in general and AI are the two major ones.”