TechForge

June 4, 2025

  • Cybersecurity platformisation reduces attack vectors from hundreds to single digits against AI-powered threats
  • Security teams must shift from analysing 30-40% of alerts to 100% autonomous threat detection

The mathematics of modern cybersecurity are brutally simple: if you have 25 security tools in your enterprise, you’re potentially exposed to 625 different attack paths. Meanwhile, cybercriminals only need to succeed once. This stark asymmetry is driving a fundamental shift towards cybersecurity platformisation, according to Sailesh Rao, President of Cortex at Palo Alto Networks.

Speaking exclusively to Tech Wire Asia during the recent Ignite on Tour Malaysia 2025, Rao delivered a sobering assessment of why the traditional “best-of-breed” approach to cybersecurity is not merely outdated—it’s dangerous.

“For ‘n’ nodes in the network, you can be compromised in n squared ways,” Rao explained. “The bad guys have to just get through once. That’s the asymmetry that most people don’t understand.”

Put simply: each security tool can be attacked directly, but attackers can also exploit the connections between tools—and these connection points multiply rapidly as you add more solutions.

This mathematical reality demolishes the comfortable notion of “best-of-breed” security strategies. Rao argues that whilst multiple vendors feel safer, “the cost of putting all your eggs in multiple baskets and then having to watch all those baskets and keep them all in sync is way higher.”

It’s a counterintuitive argument that challenges decades of IT procurement wisdom, but one that becomes increasingly compelling when viewed through the lens of modern attack methodologies.

The fatal flaw in point solutions

The proliferation of cybersecurity point solutions over the past decade has created an unintended consequence: exponential vulnerability. Each additional security tool doesn’t just add one more potential failure point—it creates multiple integration gaps that sophisticated attackers can exploit.

“Just imagine if you have five tools in your enterprise. That’s at least 25 ways in which you can get compromised,” Rao noted. “If you have two tools, you can get compromised at each tool and on the path from one to the other.”

This mathematical reality becomes even more problematic when considering the speed of modern attacks. Recent data from Palo Alto Networks’ Unit 42 research team documented attacks that achieved full ransomware deployment within 40 minutes. “If you came 40 minutes later, you wouldn’t even have seen anything, and your IP is gone,” Rao observed.

The contrast with traditional breach timelines is stark. Whilst some attackers remain dormant in systems for years—Rao cited a Toyota case where attackers maintained access for a decade—others now operate with devastating efficiency, completing their objectives faster than most security teams can detect them.

The promise and peril of AI-driven security

No doubt, the emergence of AI as both a defensive and offensive weapon has fundamentally altered the cybersecurity landscape. Whilst organisations scramble to implement AI-powered security tools, cybercriminals are simultaneously leveraging the same technologies to enhance their attacks.

“We are now generating attacks in our lab, 100% generated by AI, that we then put on our products and have them fight,” Rao revealed. This arms race dynamic underscores why cybersecurity platformisation has become critical—fragmented security architectures simply cannot process and correlate threat intelligence quickly enough to counter AI-enhanced attacks.

Success in this environment requires not just AI-powered tools, but also the data infrastructure to train them effectively. Palo Alto Networks has been investing in machine learning capabilities since 2013, well before the current AI boom.

“In 2013, when we were using machine learning, nobody was talking about it like we are today,” Rao noted. This early investment has yielded significant advantages, particularly in data collection and analysis capabilities.

The company now processes approximately one exabyte of security data—a scale that enables more sophisticated threat detection than competitors relying on synthetic data or smaller datasets. 

“We have more real data, cyber-specific, than anyone else,” Rao explained. “When you take a large dataset like we do and want to find the needle in the haystack, we don’t have to use synthetic data. We have real data.”

The open source security paradox

The proliferation of open-source AI models presents a particular challenge for cybersecurity platformisation strategies. Whilst open-source development offers innovation benefits, it also introduces significant security risks through its inherently distributed development model.

“Just like having 25 point solutions, imagine having 100 software engineers from all over the world updating your open-source tool,” Rao explained. “That variability is what hackers take advantage of.”

This variability manifests in inconsistent coding practices, varying security standards, and potential supply chain vulnerabilities that attackers can exploit. For organisations attempting to secure their infrastructure, managing these risks across multiple open-source components becomes exponentially more complex than securing a unified platform.

Reimagining human roles in autonomous security

Perhaps the most significant implication of cybersecurity platformisation is its impact on human security professionals. Current industry practices see most security teams analysing only 30-40% of security alerts—a statistic that Rao finds unacceptable.

“If you had 10 thieves outside your house and cops took four away, would you sleep comfortably?” he asked. “You wouldn’t take those odds anywhere else, but we do it in cybersecurity all the time.”

The solution lies in transitioning from human-centric to AI-centric security operations, with humans moving from detection roles to strategic oversight positions. “We want to make humans go from being detectors to defenders,” Rao explained. “We’re not good at looking for needles in a haystack. That’s not how our mind works.”

This evolution envisions security professionals as trainers of machine learning models rather than manual alert processors—a shift that requires significant retraining but promises more effective security outcomes.

Regulatory compliance in a platform world

As cybersecurity platformisation accelerates, regulatory compliance becomes both simpler and more complex. Palo Alto Networks maintains compliance with major standards including GDPR, FedRAMP, and IRAP, whilst working towards DORA compliance in Europe.

However, the rapid evolution of AI and cloud technologies often outpaces regulatory frameworks. “Some countries are still developing standards, so we work with regulatory bodies to help define some of them,” Rao noted.

The economics of consolidated security

The financial argument for cybersecurity platformisation extends beyond direct cost savings. Whilst organisations might initially view platform consolidation as putting “all eggs in one basket,” Rao argues this metaphor misses the point entirely.

“You put all your eggs in one basket already,” he observed, pointing to mobile phones as an example. “Your entire life is on this one platform. You don’t walk around with a different telephone, video recorder, tape recorder, or camera.”

The key difference lies in management philosophy: intensive monitoring of fewer platforms versus superficial oversight of many fragmented solutions.

Looking forward: The autonomous security future

As the cybersecurity industry grapples with an unprecedented skills shortage—Bill Gates recently identified software engineering as one of only three professions likely to survive AI displacement—organisations must reconsider how they deploy limited human resources.

“If you have a scarce resource, make sure you use it most effectively,” Rao advised. “You shouldn’t be using AI talent to integrate point solutions across various vendors. That’s not the best use.”

The vision of 80-85% autonomous cybersecurity operations may seem ambitious, but given the speed and sophistication of modern threats, it appears increasingly necessary rather than merely aspirational.

The choice facing organisations is stark: embrace cybersecurity platformisation now, or risk becoming another cautionary tale in an increasingly dangerous digital landscape. As Rao concluded, “We don’t want companies to learn all this after a breach—it’s a very expensive way to learn something.”

About the Author

Dashveenjit Kaur

Dashveen writes for Tech Wire Asia and TechHQ, providing research-based commentary on the exciting world of technology in business. Previously, she reported on the ground of Malaysia’s fast-paced political arena and stock market.
