Enterprises underutilising security tools, causing teams to burn out
On average, enterprises maintain 19 different security tools, with only 22% of such tools serving as vital to primary security objectives.
This is according to a new report from ReliaQuest titled '2021 Security Technology Sprawl Report', completed with IDG and based on surveys with 400 IT and security decision makers at companies with more than 1,000 employees.
The report also unveiled a lack of meaningful ROI metrics when reporting on security progress, as well as disparate opinions on objectives, tool effectiveness and security awareness amongst the organisation between executives and operations on security teams.
Additional findings include the following.
Most security tools are not being utilised to their full potential: Less than half (47%) of existing IT security tools are used daily.
Most security decision makers (85%) believe they are adding technologies faster than they can productively use them, with 71% admitting most existing tools are underutilised.
Security actually suffers as a result of uncontrolled tool sprawl: 71% of security decision makers believe the increasing amount of time they spend managing tools inhibits their ability to effectively defend against threats.
Teams need better integration and automation of disparate tools, as well as better visibility across tools to help them operationalise proactive security programs, the researchers state.
Security executives and operations teams are misaligned on program objectives: Security leaders view investment and direction differently than those charged with execution.
Executives at the CISO and Vice President levels have their eye on strategic business goals and ROI, while security directors and their staff, on the other hand, are typically faced with putting out fires, spending a growing amount of time managing tools, and manually piecing together data from across these tools to identify threats.
Generally, 57% believe they deactivated a tool due to a better option. However, 52% of top security executives said the tool was not providing proper return on investment, compared to only 20% of security operations professionals.
Additionally, one in three (35%) executives felt the reason for replacement was due to lack of in-house expertise, compared to 13% of the operations team.
Lack of meaningful ROI metrics is hindering security progress: Most enterprises struggle to measure ROI for security tools, the survey found.
Respondents most often measure their investments using the number of critical vulnerabilities identified (52%), tool functionality (49%), and the percentage increase in visibility (48%).
Only 29% of respondents said they measure the level of visibility contributed by tools across the environment, and only 33% look at how fast they can detect and respond to threats.
Additionally, 63% of security operational managers don't think the board understands the value of new security technologies, versus only 41% of upper management.
ReliaQuest CEO Brian Murphy says, "Security is not a game of chance, but one of strategy. Each year, the number of security tools drastically increases, causing alert fatigue and security team burn out.
"But there is light at the end of the tunnel. Enterprises must adopt a focused, strategic approach to security, rooted in vendor-agnostic tool integration.
Murphy says, "With Open XDR, organisations can now gain visibility into relevant security data, regardless of where it resides. Traditional approaches to XDR use just a subset of security data belonging to one provider or a limited few.
"Open XDR provides comprehensive visibility, rich investigations, as well as access to data and actions, allowing organisations to gain all the insights needed to align on key metrics including those that matter to the board, as well as security management and operations teams in the trenches.
"This alignment is a game changer for organisations."