Director, Information Security
Brian Wrozek is the director of information security with Optiv’s Office of the CISO. In this role he specializes in enabling CISOs by sharing practical recommendations and confronting the many cybersecurity challenges with a “glass is half-full” attitude.
Don’t Chase the Latest “Shiny Object” Technology
When enterprises face security challenges, we too often see them respond by purchasing more point technologies. The lure of the latest “buy it, deploy it, forget it” vendor offer may seem like an easy fix but more spending on fragmented solutions has not reduced cyber crime incidents. On the contrary, incidents continue to accelerate in frequency. Why can’t we get ahead of the curve?
Many enterprises are constrained by years of legacy solutions. Inconsistent technology sprawl fueled by acquisitions and best-of-breed products purchased by organizational siloes hamper the adoption of new tools. Consequently, companies must purchase multiple security products from many different vendors. This presents challenges because the various products don’t always operate seamlessly together and organizations have to manage a wide network of third-party vendors. Since the old security tools never go away, the additive support burden of new tools puts even greater pressure on already strained operational resources. So what can you do?
- Eliminate waste in your portfolio of cyber security tools. A 2014 Osterman Research survey showed that 28% of organizations were not fully utilizing their security investments. They estimated that $33 of the $115 spent on average per user for security related software went underutilized or was never used at all. Convince IT and the business to prioritize the deployment and implementation of shelfware that is truly needed.
- Make sure you are getting the most out of your already-installed security products. Conduct a health check to ensure they are operating at peak efficiency and performance. Review all the security features of the tools deployed in your environment to determine what additional options can be enabled.
- Revisit the eternal debate of choosing best-of-breed technology versus fully integrated systems. There is no clear right or wrong approach but if you find yourself struggling with system integration, data flow and vendor management, it may be time change direction to the benefits of fully integrated options. Let go of the need to have everything on premise. Cloud-based solutions have the potential to simplify your technology stack by off-loading operational duties, but they may also magnify challenges by further fracturing your system integration and data flows.
- Expand your view outside the walls of the security organization. An enterprise security posture can be enhanced through non-security tools such as simplifying the corporate environment through centralization and standardization.
- Hold your business application and information technology partners more accountable. Include built-in security functionality into your new technology requirements so additional security tools and controls don’t have to be “bolted on” afterwards.
Even if you organization follows these steps, it is important to keep in mind that this is not purely a technology problem. Improving your overall cyber security landscape requires a multi-faceted, strategic approach that includes investment, people, process, education, governance, the right incentives (positive and negative) and technology. Organizations need to take a more strategic, programmatic approach by developing a plan, implementing products and services, and continuously monitoring and adapting the plan based on new threat intelligence. In future blogs, we will explore these other facets of high-performance security organizations.