Complexity is the curse of effective cyber security. The need to support the growing range of cyber security tools to protect organizations against the increasing number of cyber threats leads to additional costs, staff inefficiencies and a sub-optimal response to threats. Small and medium-sized enterprises (SMEs) with limited budgets and staff are severely affected.
On average, small and medium-sized enterprises manage more than a dozen different security tools, making it very difficult to manage and organize security teams. For understandable reasons, SMEs are trying to consolidate their security tools to make cyber security more manageable and cost-effective.
The challenge for these companies is to understand how they can consolidate cyber security tools without losing the necessary protection. The following webinar is meant to help small and medium sized companies solve exactly this problem (register here).
The complexity of cybersecurity cannot be overestimated
Over the past decade, NGOs have (at least) consistently argued for higher budgets for cyber security in order to acquire the increasingly necessary tools.
Given the constant stream of cyber threats, which are constantly being improved and reconsidered to circumvent the existing defence system, the use of new technologies to counter new methods of attack seemed justified.
But as they say, sometimes the cure is worse than the disease. Due to the proliferation of this instrument as a result of the cyber-weapons race, SMEs are now facing this challenge:
- Too many tools for cyber security – Maintaining, updating, integrating and ultimately deploying a growing number of complex tools that are not normally designed to work together is a challenge.
Properly integrating multiple tools so that security practitioners don’t have to constantly switch from one application area to another, which is expensive and difficult – I think SIEM and SOAR tools are generally not available to small and medium sized companies.
Integrating the cyber security stack into these tools is not only costly and complex, but also requires continuous maintenance and the addition of additional tools to counteract the consolidation effort.
Another problem for SMEs is that not all instruments are as useful or useful as expected. Or some tools are just at the end of their useful life, but are kept because they really have some value. Maybe redesigning the toolbar will help you get rid of less useful tools, while adding even less but much more useful tools.
- Too many vendors – As if it wasn’t enough to manage tools, working with a growing number of vendors is another source of headaches for CISOs in SMEs. Some providers are too powerful, some are not available and some are really useful. And trying to get security technology companies to work together has never been a good idea for CISO.
- Too few security practitioners – need more threat variations and more management tools, which means more staff. However, increasing the number of employees in the development of the technology is an exception to the rule, so that existing security staff are overburdened with additional tools. These devices are supposed to make life easier for safety experts, which they often do, but they carry the burden of additional and separate devices for training and care.
- Underperformance – Perhaps the most monstrous consequence of over-expansion is that many organizations fail to get sufficient return on their significant investments. The abundance of insufficiently integrated specialized tools and the insufficient number of security experts capable of using this technology means that improvements in an organization’s security posture are often incremental and not worth paying for. It follows that redirecting investment to a mix of suitable instruments will lead to more tangible improvements.
Uncompromising consolidation of the safety battery
That’s the question. Perhaps new security technologies, designed to solve multiple problems, can replace old, specialised and isolated technologies. Some of these older technologies were introduced as a transitional measure to address a specific threat, which may or may not exist and which can be addressed by more comprehensive technological solutions. This is one of the proposals that will be presented during the next webinar. Sign here.