Skip to main content

Don’t Chase the Latest “Shiny Object” Technology

December 10, 2015

When enterprises face security challenges, we too often see them respond by purchasing more point technologies. The lure of the latest “buy it, deploy it, forget it” vendor offer may seem like an easy fix but more spending on fragmented solutions has not reduced cyber crime incidents. On the contrary, incidents continue to accelerate in frequency. Why can’t we get ahead of the curve? 

Many enterprises are constrained by years of legacy solutions. Inconsistent technology sprawl fueled by acquisitions and best-of-breed products purchased by organizational siloes hamper the adoption of new tools. Consequently, companies must purchase multiple security products from many different vendors. This presents challenges because the various products don’t always operate seamlessly together and organizations have to manage a wide network of third-party vendors. Since the old security tools never go away, the additive support burden of new tools puts even greater pressure on already strained operational resources. So what can you do?

  1. Eliminate waste in your portfolio of cyber security tools. A 2014 Osterman Research survey showed that 28% of organizations were not fully utilizing their security investments. They estimated that $33 of the $115 spent on average per user for security related software went underutilized or was never used at all. Convince IT and the business to prioritize the deployment and implementation of shelfware that is truly needed. 
  2. Make sure you are getting the most out of your already-installed security products. Conduct a health check to ensure they are operating at peak efficiency and performance. Review all the security features of the tools deployed in your environment to determine what additional options can be enabled. 
  3. Revisit the eternal debate of choosing best-of-breed technology versus fully integrated systems. There is no clear right or wrong approach but if you find yourself struggling with system integration, data flow and vendor management, it may be time change direction to the benefits of fully integrated options. Let go of the need to have everything on premise. Cloud-based solutions have the potential to simplify your technology stack by off-loading operational duties, but they may also magnify challenges by further fracturing your system integration and data flows.
  4. Expand your view outside the walls of the security organization. An enterprise security posture can be enhanced through non-security tools such as simplifying the corporate environment through centralization and standardization.
  5. Hold your business application and information technology partners more accountable. Include built-in security functionality into your new technology requirements so additional security tools and controls don’t have to be “bolted on” afterwards. 

Even if you organization follows these steps, it is important to keep in mind that this is not purely a technology problem. Improving your overall cyber security landscape requires a multi-faceted, strategic approach that includes investment, people, process, education, governance, the right incentives (positive and negative) and technology. Organizations need to take a more strategic, programmatic approach by developing a plan, implementing products and services, and continuously monitoring and adapting the plan based on new threat intelligence. In future blogs, we will explore these other facets of high-performance security organizations.


    Brian Wrozek

By: Brian Wrozek

Director, Information Security

See More

Related Blogs

April 20, 2018

Customization of IAM Solutions: Risks of Having it Your Way

Forty years ago Burger King launched a revolution in customization, declaring that they could provide you the power of creating your perfect burger co...

See Details

November 21, 2011

Emerging Technologies - Virtual Security | Optiv

Virtual Security is garnering a lot of attention these days. With the mass adoption of virtualization technologies, traditional security tools are pro...

See Details

November 12, 2012

IP Theft Prevention: Beyond Just Technology

News headlines about credit card numbers being stolen and other successful security attacks on intellectual property (IP) during the last decade have ...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Related Insights

June 09, 2018

Application Security Assessments

Our AppSec experts combine extensive knowledge and scanning tool experience with manual testing methods to protect you against vulnerabilities automat...

See Details

January 21, 2015

Cyber Security Public Policy

Imagine a scenario where a highly motivated, trained, and well equipped enemy launched an invasion against the United States. Upon arriving at our sho...

See Details

October 11, 2017

Security Solutions

Optiv is a market-leading provider of end-to-end cyber security solutions. View our services here.

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.