SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers

Too much of a good thing? How security sprawl can weaken defences

Fri, 17th May 2024

Digital transformation can introduce a multitude of new endpoints, servers and applications into a company’s network, deployed across cloud, on-premises and hybrid environments. Every new addition needs to be protected from ever-evolving cyberthreats. Over time, this can lead to a sprawling collection of security tools, each brought in to address a specific concern or gap.

These different products often come from different vendors. Three quarters of the Australian businesses surveyed for a recent study use products from more than 20 security vendors. Some estimated the number of vendors to be as high as 40.

How did we get here?
The cyberthreat landscape doesn’t stand still. Our study found that cyberattacks targeting Australian businesses are increasing in severity and sophistication. Security breaches are taking longer to recover from and fix. Continuous security investments are vital in ensuring a company can withstand and respond to these changing levels of risk. 

The good news is that there are many high-quality security tools and services for organisations to choose from. Unfortunately, that is also the bad news.

The wide array of options that organisations need to evaluate, select from, and implement creates its own challenges. Introducing and managing a plethora of disparate security tools from different vendors can use up valuable resources and time for the IT team. Not all solutions integrate easily with each other, and this can lead to visibility gaps, which increase risk.

A more streamlined approach to preventing and mitigating cyber risks, and strengthening overall protection, involves reducing complexity.   

Too much of a good thing
The study showed that company size made relatively little difference to the number of security vendors whose products had been implemented. This means that small to mid-sized businesses are carrying the same burden as larger enterprises when it comes to managing multiple security products, each with their own configuration, sets of security alerts, dashboards, security updates, data analytics, and more – but without the same staffing levels and resources. 

Security sprawl also creates a complex, fragmented security infrastructure that obscures visibility of activity and potential threats. This makes it harder for IT teams to detect and respond to alerts and incidents. 

Many organisations can become stuck in a counterproductive loop: the more they spend on new security tools, the more complex their stack becomes, and the more their security team struggles to manage everything, reducing the time available for security remediation and often leading to the introduction of additional tools. 

Breaking out of this cycle requires security integration. An important first step is to ensure your security tools, even if they are from different vendors, can communicate and share data and intelligence with each other. This reduces operational costs as well as the need for manual intervention to monitor or aggregate data from different sources.

Moving towards integration 
For companies struggling to manage their security and concerned about visibility blind spots, it may be time to consider a platform-based approach to security. This integrates various security domains - email, application, network, and endpoint security - giving security teams centralised management and control that offers greater visibility over security operations and leads to stronger and more adaptive security responses.  This approach can also bring cost benefits and enables organisations to scale and adapt quickly when new threats emerge.    

Security complexity is not the inevitable outcome of an increasingly complex cyber threat landscape or an increasingly digital business infrastructure. An integrated platform approach to security is not about vendor lock-in but about vendor and performance optimisation. In an age when cyber threats can come from anywhere, you need security that will protect you everywhere.

To learn more about how an integrated security platform can help, visit our cybersecurity platform pages.
