Cybersecurity industry analyst Richard Stiennon at IT-Harvest says artificial intelligence is reshaping the future of digital defence at a pace most organisations still don’t fully understand, and legacy security vendors could be in serious hot water if they fail to adapt.
The longtime analyst and founder at IT-Harvest argued that AI is no longer just another trend inside cybersecurity; it is now “overshadowing” every other major movement in the industry.
“All the trends are overshadowed by the impact of AI security,” Stiennon said. “That’s to me the most exciting part because… this is changing everything.”
Stiennon explained the AI security market has split into two major categories:
- Securing AI systems themselves
- Using AI to automate and strengthen cybersecurity operations
The first focuses on protecting organisations from employees leaking sensitive data into AI tools, while also defending large language models from prompt injection and manipulation attacks. The second category, which Stiennon believes will have the biggest impact, centres on AI-powered security automation.
“How do we use AI to improve our security processes?” he said.
According to Stiennon, the sector has exploded so quickly that IT-Harvest is now tracking 354 AI security vendors after only formally monitoring the category for just over a year.
The analyst warned that many security leaders still underestimate the pace at which AI capabilities are advancing.
“We’re just not used to thinking at scales like that of things doubling every two and a half months,” Stiennon said.
Stiennon also said AI agents are poised to fundamentally reshape security operations centres (SOCs) by automating a significant share of analyst work that still depends on human intervention.
He pointed to a new wave of AI-native security startups building systems that can operate with minimal oversight: triaging alerts, investigating suspicious activity, opening and managing cases, orchestrating remediation and integrating with the wider security toolchain.
“Once a CISO says, ‘well, I better try this out,’” he explained, “and they realise it works… then you’re going to completely swap out your SOC for automated agents.”
Despite the automation wave, Stiennon argued security professionals are unlikely to disappear entirely, instead shifting toward higher-order tasks such as training AI agents, threat intelligence and strategic defence operations.
The veteran analyst also took aim at the cybersecurity industry’s ongoing push toward “platformisation,” where major vendors attempt to consolidate multiple security functions into unified ecosystems or a ‘single pane of glass’.
Stiennon called the trend misleading, arguing organisations still rely heavily on best-of-breed tools rather than a single dominant platform.
“Platformisation is not a trend,” he said. “There’s 4,000 vendors out there and there’s no platform that can do it all and there never will be.”
He also warned that some of the largest legacy cybersecurity vendors risk falling behind as AI-native startups innovate rapidly and could themselves become top dog.
“Legacy vendors”, including major firewall, endpoint and infrastructure players, may struggle to justify existing pricing models as AI reduces operational overhead and fundamentally changes how organisations consume security technology, according to Stiennon.
At the same time, Stiennon believes the rise of large language models (LLMs) is already disrupting how cybersecurity buyers conduct product research and vendor discovery.
Instead of relying exclusively on traditional analyst reports or vendor marketing material, more buyers are turning directly to tools like ChatGPT and other AI assistants for product comparisons and guidance, an approach that is faster and cheaper.
“People are finding that they can get good enough answers from ChatGPT,” he said.
The shift, he argued, is forcing cybersecurity marketing and media strategies to evolve alongside AI search behaviour.
“LLMs are not interested in keywords like Google is,” Stiennon said. “They are interested in ideas.”
Looking ahead, Stiennon predicted the standalone “AI security” category itself may eventually disappear because AI capabilities will become embedded across every layer of cybersecurity technology.
“By the end of 2026, you won’t be able to say there is an AI security industry,” he said. “All of security will have AI embedded in there.”








