Deploying multiple security tools might just be the reason you’re breached

Credit: Photo 94640314 © Nikolay Antonov - Dreamstime.com

Gartner’s latest global forecast for spending on information security products and services shows spending across the world is set to increase this year to more than US$114 billion, but there is a difference between simply buying software and actually utilizing it correctly. Many organisations are making the costly mistake of assuming that simply buying security products creates a unified defence for their networks.

While businesses are investing heavily in endpoint security tools, constraints on staff availability and skills may mean that many of those tools aren’t applied as well as they should – and many are purchased but never even implemented or integrated within the company’s broader security strategy. Complex solutions and lack of skills are leaving businesses defenceless to modern cyber-attacks.

Creating expensive blind spots

Organisations are making the mistake of believing that purchasing multiple products will stop breaches, when it most likely increases the likelihood of an attack. Defense in depth is an approach to cybersecurity in which a series of products are layered to protect data, but time and time again this approach has failed to stop a breach. The problem is that each layer is a different technology that works within its own silo. This makes it difficult to share that intelligence between tools in an effective way and complexity grows as more layers are added.

Beyond the high costs of this approach, the traditional defence-in-depth security strategy is an outdated model and organisations must look to transform their approach to enterprise security. Organisations now have IT infrastructures that incorporate mobile devices, remote access and usage of cloud-based resources and services. Organisations need to shift to the cloud for simple solutions, that provide better management and visibility into how tools are performing in actually stopping breaches.

Stretching resources

As network environments become more complex, it becomes increasingly difficult for those responsible to successfully protect it. A survey from CrowdStrike revealed that many companies had not managed to configure and use the products they purchased, with 24% of respondents stating they had not implemented all the security tools purchased by their organisation, with respondents citing time and resource constraints.

Part of what may explain this worrisome trend is that cybersecurity professionals are becoming much harder to find and the ones that are currently employed are facing an avalanche of work. Among the skills shortage, cybersecurity job fatigue is becoming a new problem facing the industry, with many security professionals facing long hours and high stress levels.

Credit: Photo 76390944 © Rawpixelimages - Dreamstime.com

Companies are looking to technology to help create a solution to staffing problems, with artificial intelligence (AI) and machine learning being leveraged to bridge the gap. AI and machine learning can support teams of security analysts by looking for threats to the business and alert the team to investigate or respond when anomalies occur. 

Machine learning-based security solutions can handle billions of security events, finding threats early on through a combination of correlation, pattern matching and anomaly detection. In cybersecurity, speed and scale matter and this is exactly where AI adds a significant advantage. AI can offload work from human cybersecurity engineers, and advances in machine learning technology mean that AI applications can also automatically adapt to changes and identify new threats.

Simple, powerful solution

Businesses need to step back from traditional procurement-driven security strategies to consider how they might implement a holistic endpoint defence capable of blocking attacks in real time. Organisations buy into the idea that “more is better”, believing that having a broad range of products will secure their networks. However, modern attackers have learned how to bypass traditional prevention solutions, such as legacy antivirus (AV).

Most security solutions rely on identifying signatures and known threats, or they look for indicators of compromise (IOCs) but the problem with IOCs is they can’t capture new methods of attacks such as malware-free, or fileless attacks. Organisations need cloud based, next-generation endpoint protection that leverages AI to detect known and unknown attacks. These solutions can be deployed quickly and scaled easily so you don’t need to buy numerous products.

Credit: Photo 129994504 © Funtap P - Dreamstime.com

Another key point that shouldn’t be ignored is maintaining good cyber hygiene. Basic hygiene remains a significant challenge with numerous examples highlighting patching deficiencies that led to a significant breach.

Layering multiple products make new challenges for security teams and are the root cause of many of the recent breaches. No one sets out to undermine security but introducing various products can create blind spots in your security posture, leaving your organisation vulnerable to cyber-attacks.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cyber security

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?