Why CISOs have to consolidate security tools

Sidebar: Workload automation tools
Image from Shutterstock.com

Protecting the enterprise takes a lot of tools — network firewalls, Web application firewalls, end-point protection, identity and access management — and that’s just a standard defence. Sophisticated organizations have disk encryption, intrusion detection, behavioural analytics  … there can be a long list.

In fact one source estimates an organization can have up to 75 security products, although sometimes that’s because of acquisitions.

Small wonder that at a session I covered at RSA Conference 2016 one panellist said enterprises need a chief simplicity officer. “If we don’t do that we’re not going to be able to detect and respond in seconds,” said Patrick Gorman of startup CyberGRX. He also warned about the separation of network operations and security teams, which often duplicates work.

But generally the CISO with a layered defence faces a lot of tools. That creates two problems, according to a recent article: Redundancy and multiple alerts. The question is what should infosec pros do about it?

“Look at whether you really need this product that is monitoring this information. Build outwards based on information and people rather than building inwards,” Geoff Webb, vice president of solutions strategy at Micro Focus is quoted as saying. “Take a hard look at what the problem we are trying to solve is as opposed to putting tools in to prevent what was a previous security risk,”

Another expert urges CISOs to winnow down the number of tools in their arsenal by either finding significant overlap between one problem and another or determining which tools provide the best actionable information, and then remove or significantly reduce all others over time.

Whatever the solution its a problem that has to be faced.

Read the full article here

Would you recommend this article?

0
0

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Related Tech News