Though many security leaders have long believed that choosing the best individual solution (often from a pure-play vendor) for a project will result in the strongest cybersecurity, 2023 Fortinet Global Ransomware Report data shows that organizations that reported taking a point product approach were the most liable to become ransomware victims.
This may be what accounts for the apparent disconnect between perception and reality. Though 78% of participating organizations believe they are “very” or “extremely” prepared to mitigate an attack, 50% nonetheless fell victim to ransomware last year. Conversely, enterprises that had combined solutions via a platform approach, either in full or with select point products, were more secure.
To safeguard the whole attack surface – including operational technology (OT), the cloud and all edges – organizations can adopt a security fabric approach that operates across hybrid settings. This approach takes into account the changing threat environment, shortens the response time and simplifies management, which are all factors that can help improve an organization’s cybersecurity posture.
Given the ubiquity of multi-vector, multistage cyber-attacks, it is imperative that enterprises approach cybersecurity as a totality rather than as a collection of discrete projects and products. Partners have the opportunity to help guide organizations to adopt this approach.
More Tools, More Problems
Almost all the leaders polled (91%) anticipated higher security budgets this year, which they will spend on solutions and services to further protect their networks from the possibility of ransomware attacks. As teams consider new solutions to guard against ransomware, it is essential to gauge the enterprise's current security stance before spending more of the budget.
Although it's good to see businesses invest in new technology to protect themselves from ransomware, the truth is that frequently, merely adding tools to an already crowded toolbox isn't enough to reduce an organization's risk of attack.
Although a growing percentage of report respondents (45%) claim to use a combination of security platforms and point products, 36% still solely purchase the "best-of-breed" point solutions. Consequently, some security teams find themselves spending a lot of time maintaining different products that have been implemented over time and battling to get their technology to work successfully as a whole. Such manual processes might also make it more difficult for a security team to get the needed information and react quickly to a ransomware incident.
Organizations are consolidating their use of point products and shifting their focus to fewer but more effective strategic platforms. The report's findings confirmed this; 99% of participants believe that platforms or integrated solutions are necessary to thwart ransomware attacks.
Moving Customers Toward Greater Consolidation
Partners have an opportunity to truly act as a trusted advisor and help their customers understand why a consolidated approach can be a better strategy. It starts with reminding customers that "more" doesn't always mean "better,” particularly with respect to technology. Advise them to look for these same technologies as platform components that are intrinsically engineered to perform flawlessly together, almost like a security mesh architecture, rather than continuing to choose best-of-breed point solutions that run in isolation.
It’s clear that a well-coordinated cybersecurity strategy helps to protect companies from ransomware and other types of assaults. So, it's important to advise customers to focus on the areas of risk that they already know about – such as robust email security at the gateway and endpoint, routinely identifying and reducing attack surface exposure, identity management with frequent credential updates strong authentication – before rushing out to acquire the newest trendy technology. Then they can consider adding more AI-driven technologies to speed up detection and response.
To use security platforms to their full potential, it takes more than just technology – it takes the right people and processes, too. Enterprises will need to invest in these as well to create a holistic and successful security strategy. They can either prepare their people and create effective processes themselves or use incident readiness and response services to help with developing new and testing current strategies. These services will pinpoint any areas that need improvement via activities like building playbooks and IR plans, completing a gap analysis and running tabletop exercises.
Goodbye to Solution Sprawl
Many organizations are grappling with too many siloed cybersecurity tools that don’t work well together. When it comes to those tools, more doesn’t necessarily equal better. The Ransomware Report revealed the perhaps counter-intuitive the fact that a collection of disparate solutions, no matter how nice a collection it is, cannot protect the corporate network as well as a platform approach can. In fact, point solutions only make security team’s job harder.
An increasing number of enterprises today are starting to look to consolidate point products to improve the efficiency and efficacy of their security. This is an opportunity for channel partners and VARs to steer enterprises toward the security platform approach that involves fewer moving parts but stronger security overall.
Author Ken McCray is vice president of Channel Sales, US, Fortinet. Read more Fortinet blogs here. Regularly contributed guest blogs are part of MSSP Alert’s sponsorship program.
