Partner of:
Recently, I had the opportunity to visit Chicago. Upon touching down, it was game on; the bustling city with all of its connected and interdependent systems was in charge of my fate. Without a moment to think, I was off to lunch via the train, running errands at the store through the bus, and dropped off at the dry cleaners by taxi. The architecture of all these interconnected systems was fascinating; however, it was rather time consuming and figuring it out for the first time was complex to say the very least. For a lot of organizations, this is true of their security tools. One tool transports the data to the lunch spot, the other to run errands, etc., and if all goes right the data makes it to the destination on time. This may work for a bustling city, but too many cybersecurity systems rely on this complex system which introduces more maintenance, risk, and delay. What if we had a utopia which had our favorite lunch spot, store, and dry cleaner, all within walking distance? We would be so much more effective with the time we had. In this article, we explore how obtaining security efficiency may involve consolidating our security tools.
In the conventional paradigm of cybersecurity, businesses purchase an array of individual security tools each designed to protect a specific aspect of the system. From Secure Email Gateways (SEG’s) to Data Loss Prevention (DLP) solutions, there is an endless list of tools which can be outsourced to software tooling providers. This siloed approach has a deep-rooted legacy and is often perceived as a proven and effective strategy for system protection. After all, this is how it has been done since the beginning of system architecture. By outsourcing solutions for problems to individual providers, you get a poignant and targeted tool to achieve the goal. This can translate to exceptional effectiveness when done correctly.
While individual security tools can offer unique and novel features, many organizations become sold on features they do not need or never realized they “needed”. If you walk into a car dealership without such specific requirements for what you want, the salesperson will do everything in their power to leverage your indecision for profit. Customers with direction for their visit, such as looking for a white SUV with leather interior, a sunroof, and apple car play will leave the interaction feeling in control and with the outcome they want. Customers who lack the direction for what vehicle they desire become subject to the salesperson, leaving them feeling out of control with their interaction and likely sold much more than what they really wanted or needed. Organizations need to realize what they need is the intersection of cost and risk reduction, and that the sales person is not your trusted security architect.
For each platform that is introduced, the need for specialized integration, configuration, maintenance, and monitoring is introduced. While it’s not a guarantee that unified solutions will be easier at all of these tenants, anyone who has worked with multiple security vendors at one time can attest that maintaining relationships and keeping abreast with updates across 5 platforms is much more time consuming than 1 platform. In addition, with each vendor brought on board, periodic vendor risk assessment should be performed. Taking Target as an example, their vendor onboarding and diversification may have worked for a time, but as the spiderweb of interconnected systems grew, the ability to competently manage the risk of the entire system dwindled and eventually reached a breaking point. In addition, subscription creep starts to become a real issue in organizations which fall prey to these tactics, as yearly subscriptions crowd the budget and tooling becomes bloated.
In cybersecurity, effective communication is paramount. Unified systems that speak the same language can draw better, quicker, and more accurate conclusions. For example, correlating a delivered email to a clicked URL becomes far easier when both events are monitored by a unified systems and are aware of each other’s actions. Contrast this with the cumbersome process of attempting to draw insights from siloed systems – a labor-intensive and error-prone exercise that can slow response times and increase the likelihood of misinterpretation. Unified systems can help eliminate these issues, providing a holistic view of security events and significantly improving incident response efficiency. In addition, if organizations want to get ahead of the curve with automation, systems speaking a single language becomes necessary.
Centralized privilege management is a critical aspect of cybersecurity, yet it's frequently unsupported by the overwhelming majority of security vendors, even when Single Sign-On (SSO) integrations exist. This centralized approach streamlines the process of granting, adjusting, and revoking access rights, making administration more secure and manageable. When 5 tools have 5sets of right to understand and portals to grant access to, not only do the administrators become irritated with separate logins, HR and other privilege management groups have more on their plate. Imagine the scenario of an employee leaving the company. If you have a multitude of siloed systems, managing privileges becomes a much more complex and time-consuming process, and every moment of delay increases the risk of unauthorized access. With centralized management, the response can be swift and comprehensive, significantly reducing the window of vulnerability.
Running a cybersecurity program can feel like exploring a bustling city like Chicago for the first time. You're relying on many different tools, like trains, buses, and taxis in a city to protect your business. While this setup might seem dependable, it often brings extra work, higher costs, and more chances for things to go wrong. Imagine instead if all the things you needed were in one place, the sort of perfect city center. A system that is designed for security efficiency from the beginning will improve itself overtime, and realize cost benefits which can be make or break for the business. Whether you have too many tools or none at all, pursuing a unified approach to implementing cybersecurity should be top of mind for all organizations who want to steer their organization towards security and efficiency.
Copyright © 2022 Security Connections. All rights reserved.
