Ross Haleliuk delivers a counterintuitive verdict that upends the traditional cybersecurity market map: the biggest threat to standalone security vendors isn't another security company, but the platform giants themselves. By tracing a trail of record-breaking acquisitions—from Google's $32 billion purchase of Wiz to ServiceNow's $7.75 billion deal for Armis—Haleliuk argues that security is no longer a niche product category but a foundational requirement for any enterprise platform. This shift matters because it redefines who holds the power in the B2B ecosystem, suggesting that the future of data protection lies not in bolt-on tools, but in the core infrastructure where work actually happens.
The Platform Pivot
Haleliuk's central thesis rests on a simple, observable reality: as enterprises digitize, the responsibility for protecting data and identities inevitably migrates to the platforms hosting that work. He writes, "Every platform vendor eventually becomes a security vendor, whether they planned to or not." This is not merely a trend but an existential shift in business models. The author supports this with staggering financial data, noting that Google has spent nearly as much on just three cybersecurity companies as it has on dozens of other acquisitions combined.
The logic behind this pivot is clear. Google, for instance, is no longer just an advertising giant; it is an enterprise cloud competitor. To win over large organizations, it must offer "first-class security capabilities natively." As Haleliuk puts it, "Acquiring companies like Mandiant and Wiz allows Google to instantly strengthen its credibility with CISOs and security teams, something that takes decades to build organically." This strategy mirrors the historical trajectory of cloud computing, where the initial focus on raw compute power has given way to a fierce competition over ecosystem capabilities like identity and compliance.
Security is no longer a standalone category reserved for specialized vendors, it has become a foundational capability expected from every enterprise platform.
Critics might argue that bundling security into a broader platform creates vendor lock-in, potentially stifling the very innovation that standalone startups provide. However, Haleliuk suggests the market is already moving past this debate, driven by the sheer necessity of integrated protection. The evidence is in the M&A activity: ServiceNow, traditionally a workflow management company, is now betting on what he calls the "workflow gravity" effect. By owning the systems where work flows, ServiceNow can influence how security decisions are made, effectively turning security into a natural extension of its core product.
Beyond the Hyperscalers
The argument extends far beyond the usual suspects like Google and Microsoft. Haleliuk highlights how even non-tech giants are being forced to evolve. Mastercard, for example, acquired Recorded Future for $2.65 billion, transforming from a payment processor into a security intelligence provider. "For Mastercard, Recorded Future most definitely wasn't its first step into cybersecurity," Haleliuk notes, pointing to a long history of smaller deals to protect its transaction network.
This pattern repeats across industries. Cisco, a networking infrastructure titan, acquired Splunk for $28 billion to merge network telemetry with security analytics. The author observes that "if you sit in the data path, you are uniquely positioned to detect threats, analyze behavior, and enforce policy." This is a crucial distinction: for networking and cloud providers, security isn't an add-on; it is the only way to maintain relevance in a cloud-first world.
The historical context here is vital. Just as the consolidation of cybersecurity startups into a handful of major players (like Palo Alto Networks) created a "platformization" narrative, the current wave sees even larger, non-security platforms absorbing these capabilities. Haleliuk writes, "Cisco's history of acquiring over 40 cybersecurity companies reflects a long-standing belief that networking and security are inseparable." This mirrors the broader trend seen in the cloud sector, where the line between infrastructure and security has blurred to the point of invisibility.
The Startup Dilemma
For founders of cybersecurity startups, this landscape presents a paradox. On one hand, the bar for entry is higher; a platform vendor can now ship a "good enough" native capability that renders many point solutions obsolete. On the other hand, the exit strategy has expanded. Haleliuk suggests that "the future of cybersecurity startups is increasingly connected to the ecosystems of large B2B platforms, not just security products."
He argues that while traditional security giants like CrowdStrike or Zscaler remain potential acquirers, the pool of buyers now includes companies like HP, which integrated security directly into its devices, or Mitsubishi Electric, which bought Nozomi Networks to secure industrial systems. "Regardless of the motivations, the outcome is the same: every significant B2B company is becoming a security company." This forces startups to decide whether to compete directly with platforms or to become the innovation layer that platforms eventually integrate.
The future of cybersecurity startups is increasingly connected to the ecosystems of large B2B platforms, not just security products.
A counterargument worth considering is that this consolidation could lead to a monoculture where a few massive platforms control the entire security stack, potentially creating single points of failure. While Haleliuk acknowledges the risk of "good enough" native tools, he emphasizes that the market demand for specialized, high-performance security will persist, especially for the most sophisticated threats. The key for startups is to build solutions that are not just better, but essential enough to be integrated rather than replaced.
Bottom Line
Haleliuk's most compelling insight is that security has ceased to be a distinct industry and has instead become a horizontal capability embedded in the DNA of every major B2B platform. The strongest part of his argument is the empirical evidence of record-breaking acquisitions across diverse sectors, proving this is a structural shift, not a temporary trend. However, the piece leaves open the question of whether this integration will truly enhance security or simply create more complex, opaque ecosystems that are harder to audit. Readers should watch for how these platforms balance their new security mandates with the need to avoid antitrust scrutiny and maintain trust with enterprise customers.