The Overloaded Toolbox: Cybersecurity Tool Bloat and Why It Will Matter in 2024
- By Andy Ng, Veritas Technologies
- January 22, 2024
Imagine if your toolbox had four similar hammers, six pairs of different pliers, and eight types of wrenches. How heavy would that be? Worse still, finding the most efficient tool for the job from the heap is going to be difficult especially when most, if not all, can perform similar tasks. Clearly, an overloaded toolbox can only serve as a hindrance, and there’s the exact problem that the cybersecurity industry might face next year.
To be specific, estimates put the average enterprise security toolset at 60-80 distinct solutions, with some enterprises reaching as many as 140. Too much of a good thing is a bad thing – enterprise security tool sprawl or tool bloat leads to a lack of integration, alert fatigue and management complexity. The end outcome is a weakened security posture, the exact opposite of what was intended.
What are businesses doing about tool bloat
Given the macro-economic landscape, most businesses this year are already reckoning with the increasing number in of SaaS tools in their kit and are likely to streamline their portfolio for greater cost-efficiency.
To avoid the pitfall of purchasing too many security products, organisations can utilise the Cyber Defense Matrix framework to map out how their technology, people and processes are related to various functions and organisational assets. This will help organisations to understand their full suite, identify any overlapping tools and processes, and determine what could be cut from their security suite.
The proliferation of security products in the current cybersecurity marketplace has created new complexities for businesses, especially when their IT teams are using disparate tools without rich integration capabilities. As each additional tool has the potential to increase the threat surface, the onus is on organisations to recognise this paradox and proactively review their technology stack.
This could involve removing a seldom or never used security tool. It could also mean eliminating low impact tools by cross-utilising features on other existing solutions. In some cases, it simply means conducting a careful evaluation before organisations say yes to another new tool, as stitching multiple tools together is never an easy task.
In 2024, many organisations will be pushed to adopt either a “one in, one out” mindset to their enterprise security toolsets or consolidating to more comprehensive integrated solutions that bring together data protection, data governance, and data security capabilities.
Why tool bloat will matter in 2024
The “one in, one out” mindset will put pressure for cybersecurity providers to offer more holistic, integrated solutions, instead of best-of-breed point products, or risk losing their customers. This would potentially lead to three outcomes within the cybersecurity space.
- Competition: If “one in, one out” policy is widely adopted by organisations, cybersecurity providers will be forced to evaluate their product offerings and provide cost-effective solutions that ensure security and interoperability, to stay competitive in the marketplace.
- Consolidation: The fast-changing cyber threat landscape and economic environment are key drivers for more cybersecurity related mergers and acquisitions as tech players acquire startups to create more holistic solution offerings as part of their expansion strategy or the latter exiting the market due to cost pressure or lack of funding.
- Cooperation: A good outcome arising from the intensifying cyber threats as tech players form partnerships across the industry to strengthen the overall security posture for organisations. A case in point will be Veritas 360 Defense, where Veritas brings together leading data security, data protection and data governance with an expanded ecosystem of security vendors to bolster cyber resiliency capabilities so that organisations can restore and recover quickly, improve access management, and proactively mitigate threats.
It is safe to assume that cyber threats will only grow in scale and velocity, and it is critical for organisations to take stock of their security solutions and bolster their cyber resiliency to defend against the bad actors.
With more than two-thirds of organisations looking to boost their cyber resiliency with the help of AI, it is paramount for solution providers to harness the capabilities of AI to automate the detection of, and response to, malicious activities. The need for a good toolbox will never go away – organisations and solution providers alike should ensure that they can retool effectively to address both present and future cybersecurity challenges.
The views and opinions expressed in this article are those of the author and do not necessarily reflect those of CDOTrends. Image Credit: iStockphoto/artisteer