In the modern enterprise landscape, organizations have a vast array of different technologies, products and services at their fingertips, all offering varying capabilities and functions to serve practically every aspect or function of a business. Information security is no exception; in fact, research released in 2019 estimated that the average organization uses 57 separate security tools.
Having X number of solutions to protect X different entry points may sound great in theory, however, it also has the potential to create significant vulnerabilities. For example, implementing various different security products and platforms can lead to confusion and uncertainties regarding the boundaries between where one product’s coverage ends and the next begins. That blurring of the lines can lead to ‘security blindspots’ that put organizations at risk, whilst patchworks of different security technologies and processes also put strain on a company’s ability to fully control its data security management.
It is for that very reason that Adam Enterkin, senior vice-president of EMEA enterprise sales at BlackBerry, believes that the number of security vendors companies are using is spiraling out of control and advocates for a more unified approach to cybersecurity that eradicates potential ‘patchwork’ security vulnerabilities.
Infosecurity recently spoke to Enterkin to learn more.
What is the current landscape of ‘patchwork’ security blind spots?
IT admins and end users are stressed. With an increasingly chaotic landscape of cyber-threats, keeping track of all enterprise endpoints and protecting them is exponentially tricky. A culmination of trends is fueling this chaos – mobile security, the IoT boom, geopolitical tensions, confusing internet governance; the list goes on.
Those using multiple security vendors for different capabilities are finding that, not only is the upkeep of such ‘patchwork’ security incredibly complex, but it’s also exhausting. Cybersecurity and endpoint chaos are putting organizations at risk while cutting into employee productivity and increasing IT costs.
By creating a system that’s cobbled together from mismatched products, security teams don’t have the benefits of automatic updates and integrations which would ensure full coverage of every endpoint. This creates blind spots – teams have no idea if a new threat is accounted for. They must then check that their list of cyber-solutions covers it. It’s manual work. Research from EY shows that security teams are exhausted by this, and are searching desperately for a reliable solution.
“Those using multiple security vendors for different capabilities are finding that, not only is the upkeep of such ‘patchwork’ security incredibly complex, but it’s also exhausting”
Why is using a selection of solutions from multiple vendors no longer the best option?
Most organizations don’t have large security teams. In fact, there’s a deficit of almost 100,000 cybersecurity jobs in the UK right now. Understaffed security teams – and even those at full capacity – simply cannot handle the complexity of multiple solutions. With one-in-four security teams seeing one million alerts daily, it’s distracting teams from the task at hand: securing every endpoint – not addressing every alert.
A laundry list of best-in-class solutions might sound like it covers all bases, but a unified solution from a single vendor is more than the sum of its parts. The technologies, including AI and machine learning, work together seamlessly to share data for reporting, calculating risk, increasing automation, managing devices across more domains and further enabling dynamic policy controls. The usage of the same data across functions reduces the amount of manual upkeep needed.
What are the dangers and challenges of juggling too greater number of vendor security products?
As IoT adoption grows, we’re set to see 41.6 billion connected decides by 2025. Attackers are leveraging this at every opportunity. In fact, the AV-Test institute registers over 350,000 new malware each day. The attack surface is increasing at a rapid pace. A vast array of security vendors, products, agents, consoles and alerts to combat this creates complexity that actually makes enterprises less secure, not more.
With too many solutions, you become outnumbered not only by the threats, but by your own technologies. Making mistakes becomes easier, and that’s all it takes for malware to creep in.
Simplify endpoint management with a single platform, and bring the technology back onto your side with seamless workflows and enhanced productivity. Allow intelligent technologies like AI to take on the heavy lifting: detecting and responding to new threats, enacting automated threat prevention and determining the severity of alerts.
“With too many solutions, you become outnumbered not only by the threats, but by your own technologies”
What are the benefits of implementing unified security suites?
Integrating unified security suites can eliminate unnecessary friction for users carrying out normal daily activities, making workflow seamless and simplified. There is power in simplicity: one view across all endpoints and visibility across the entire enterprise.
Businesses should also be careful to avoid suites which are made up of mismatched products from a single vendor. These are as risky as a patchwork of solutions – but arguably more dangerous given that they create the semblance of total security.
How can organizations achieve an effective and unified security product approach?
Gaining visibility over all endpoints is key. Top-quality suites deliver successful cyber-threat prevention and remediation, as well as cross-platform visibility, helping enterprises understand the current security posture and risks across the entire ecosystem. Technologies such as AI, which manage data shared between different applications, must make decisions transparently in order for a unified system to truly bring added value to security teams.
Finally, Zero Trust should permeate throughout the entire system. A Zero Trust approach is focused on earning trust across any endpoint and continuously validating that trust at every event or transaction. By validating user actions, Zero Trust systems improve security with no user interruption. In this way, dynamic trust is achieved across all devices, networks, data, users and apps.