Roll back complexity before it’s too late

Given the anecdotal evidence from my clients, I’d say that ’75’ is a very low number of security tools for a large enterprise. I’ve seen clients with more than 400. I’m going to name a new class of tools: Metatools. These are tools that manage your current tools.

We’re all fed up of vendors talking about SIEM as a ‘single pane of glass’. How about a panopticon that looks at all of your current tools and attempts to make sense of them (we sell Axonius for this very reason)? Or a set of smoke alarms that go off when your security controls fail to identify and contain a breach (Cymmetria’s MazeRunner and CybelAngel fit here)?

But, these are short/medium term fixes to the underlying problem of complexity. If you have a Security Enterprise Architecture or similar function, what are they doing to make operational risk management more efficient and less complex for your business?…:

[…] It’s natural to think the answer to these threats would be to buy more technology, more tools and hire more people to manage them. In essence, more everything. Research shows this has been the strategy many organisations have taken; industry reports put the average number of security tools in an enterprise at a staggeringly high 75.

But has this approach led to fewer instances of business compromise, disruption, breaches or successful cyberattacks? Does having too many security tools—and not having the right personnel to manage them – have the opposite effect when it comes to keeping your company safe? The complexity of your security environment contributes to inefficiencies, ineffectiveness and, ultimately, risk. And your enterprise can’t afford more risk.

These evolving and expanding technological needs have, in turn, created a larger attack surface for adversaries to exploit. So, covering that attack surface with more technology might seem like a natural reaction. Yet industry leaders feel that action is having the opposite impact. The Cyber Resilience Think Tank (CRTT) – an independent group of industry influencers/CSOs dedicated to understanding cyber resilience challenges – recently gathered to discuss this and plot a path ahead.

Keeping up with the complexity of business has in turn led to complexity in the IT and security world. For some CISOs, having too many things to secure is the biggest issue they face day-to-day.


Original article here