Look around the cybersecurity infrastructure at any enterprise organization and here’s what you’ll see – dozens and dozens of cybersecurity tools from just as many vendors.
Now this situation wasn’t planned, it just happened. Over the past 15 years, bad guys developed new cyber-weapons to exploit IT vulnerabilities. Large organizations reacted to these new threats by purchasing and deploying new security controls and monitoring systems. This pattern continued over time, leading to today’s patchwork of security point tools.
So, what’s the problem? Point tools aren’t really designed to talk with one another, leaving human beings to bridge the communications, intelligence, and technology gaps between them. Furthermore, each individual tool requires training, deployment, configuration, and ongoing operational support. More tools, more needs.
Too Many Tools; Too Few People
Fast forward to 2017 and there simply aren’t enough eyeballs, hands, or hours in the day to make this jerry-rigged security model work. Want proof? In a 2016 research project conducted by ESG and the Information Systems Security Association (ISSA), survey respondents were asked about the ramifications of the global cybersecurity skills shortage on their organizations. Alarmingly, 35% said that the skills shortage has created a situation where the cybersecurity staff doesn’t have adequate time to learn the nuances of the security technologies they purchase, leading to a condition where these technologies aren’t used to their full potential.
In summary, many enterprises have too many security point tools and not enough time. And the downsides here are pretty bad – complex operations, employee burnout, low ROI, and increased risk.
Fortunately, CISOs recognize the state of their cybersecurity technologies and are adjusting their strategies accordingly. Recent ESG research reveals that 24% of enterprise organizations claim that they are actively consolidating the number of cybersecurity vendors they do business with, while another 38% are consolidating the number of cybersecurity vendors they do business with on a limited basis and another 21% are considering vendor consolidation. Look for this trend to continue and accelerate.
Cybersecurity Tools: Lack of Integration
As previously mentioned, another issue with point tools is their inherent lack of integration with one another. CISOs are busy addressing this as well with updated security technology procurement strategies – 74% of survey respondents say that their organizations select best-of-breed security technologies but only if they are designed for broader integration. This sentiment was summarized by a CISO I spoke with who exclaimed, ‘Integration is the new best-of-breed.’
It will certainly take time for large organizations to replace legacy security point tools with new technologies built for integration, but the ESG data points to a burgeoning trend. Enterprise organizations are actively tossing security point tools aside and building integrated security technology architectures (similar to ESG’s SOAPA model). Henceforth, security point tools must offer standalone functionality and easy integration into broader security architecture, and must be able to interoperate with other security technologies to provide a force multiplier effect.