Complexity is the bane of effective cybersecurity. The need to maintain an increasing array of cybersecurity tools to protect organizations from an expanding set of cyber threats is leading to runaway costs, staff inefficiencies, and suboptimal threat response. Small to medium-sized enterprises (SMEs) with limited budgets and staff are significantly impacted.
On average, SMEs manage more than a dozen different security tools, making it very difficult for security teams to manage and orchestrate. SMEs are, understandably, looking to consolidate their security tools to make cybersecurity more manageable and cost-effective.
The challenge for these companies is to figure out how to consolidate cybersecurity tools without losing needed protections safely. An upcoming webinar is set to help SMEs with this very issue (sign up here).
The Cybersecurity Complexity Problem Cannot Be Overemphasized
Over the past decade (at least), CISOs have continuously lobbied for increased cybersecurity budgets to acquire more and more "essential" tools.
With an unremitting barrage of cyber threats continuously tweaked and reimagined to bypass existing defenses, adding new technologies designed to thwart the new attack techniques seemed warranted.
As they say, however, sometimes the cure is worse than the disease. As a result of this tool sprawl caused by the cyber-arms race, SMEs today are faced with:
- Too Many Cybersecurity Tools - Maintaining, updating, integrating, and ultimately utilizing a growing set of complex tools that are typically not designed to work with each other is challenging.
Properly integrating multiple tools, so security practitioners aren't forced to move between panes of glass constantly is expensive and complex - think SIEM and SOAR tools, which are typically out of reach for SMEs.
Not only is it expensive and complex to integrate the cybersecurity stack into these tools, but they then have to be continuously cared for and add additional tools to the mix, which counteracts the desire for consolidation.
Another issue facing SMEs is that not every tool turns out to be as useful or usable as expected. Or, some tools have simply reached the end of life but are maintained because they do provide some value. Perhaps reshuffling the "tool deck" could help weed out less useful tools while adding fewer yet far more useful tools.
- Too Many Vendors - As if managing the tools weren't enough, dealing with an expanding set of vendors adds another source of headaches for SME CISOs. Some vendors are overbearing, some are unreachable, and a few are actually helpful. And trying to get security technology companies to collaborate has never been any CISOs idea of a good time.
- Too Few Security Practitioners - More threat variations and more tools to manage means more headcount is required. However, headcount expansion concomitant with technology expansion is the exception vs. the rule so existing security staffs become overburdened with additional tools. The tools are supposed to make security practitioners' lives easier and often do, but carry the burden of additional and separate tools to learn and care for.
- Too Small of an ROI - Perhaps the most egregious outcome of too sprawl is that many organizations are getting too little return on their sizable investments. Lots of under-integrated, specialized tools with too few security professionals to leverage the technology means improvements to the enterprise's security posture are often incremental and not worth the price paid. The corollary is that retargeting the investment into the proper set of tools will result in more noticeable improvements.
Consolidating the Security Stack without Compromising Protection
This is the question. Perhaps newer security technologies, designed to solve multiple problems, can be used to supplant older, siloed, specialized technologies. Some of these older technologies were brought in as a stopgap for a specific threat, which may or may not still exist and may or may not is addressed by broader technology solutions. This is one of the suggestions to be provided in the upcoming webinar. Register here.
