Reducing Risk Through Astute Spending: Optimising the Security Toolstack
What Security Spending Needs to Do
Budgets might be under pressure, but cybercriminals have yet to get the message to slow down their attacks.
Threat actors only get paid when attacks succeed, and their need for cash keeps growing. Modern cybercrime is big business. If we were to measure cybercrime as a country, it would be one of the largest economies in the world.
Going forward, we will likely see advanced threat groups, many of whom have financial backing from governments, double down on their attempts to extort victims.
Meanwhile, security budgets are in an awkward place.
Last year, as wave after wave of cybercrime rocked companies of every type, and inflationary pressures were still over the horizon, most security budgets grew. During 2022, over 69% of organisations expected cybersecurity budgets to expand.
Unfortunately, today’s economic landscape looks a lot different.
There are countless reasons why deprioritising security is a bad idea. However, the hard truth about cybersecurity is that, at least from the point of view of non-tech-savvy executives, security is a vulnerable cost centre. When revenue falls, security spending typically gets cut or stays stagnant. In one survey of SMBs, almost every organisation surveyed plans to either cut their security budgets or leave them unchanged.
Even in organisations planning to maintain their spending, silent cuts are likely. This happens when requests get put on ice, hiring plans are frozen, and expensive tools get replaced with “free” alternatives.
In today’s environment, every pound, dollar, and euro spent on security needs to return measurable benefits. One way that we are seeing more organisations do this is by consolidating their tool stacks.
Why There Might Be a Silver Lining to Less Spending
Protecting digital services and assets is one of the biggest challenges the developed world will face in the next decade. As a whole, security demands more investment. However, a temporary slowdown in security spending has a silver lining.
Less “easy money” should make our industry take note of some recent security investment pitfalls that have wasted money and, in some cases, actually harmed security.
A big one is security tool bloat. Having lots of great tech on hand is a bonus, but it is often a case of “more tools, more problems.”
Depending on its size, the average organisation has between 15 and 125 different security tools deployed at any given time.
All these tools:
- Cost money in licensing or installation fees.
- Require integration and management.
- Send security teams mindless alerts whenever they pick up on anything remotely suspicious.
The Problems of Tool Bloat
Ask any enterprise security team whether or not they use redundant or duplicate security technologies, and the answer will probably be yes.
Ask them whether being bombarded with too many alerts has caused them to rethink their entire careers, and you will also get a very strong yes. 62% of respondents to a recent survey reported that alert fatigue is contributing to higher turnover.
This trend is not only hurting security staff but is also seriously damaging organisational security. In surveys, at least one-third of analysts admit to routinely ignoring alerts. The actual figure is likely even higher. As analysts miss alerts, purposely or otherwise, threats are getting through, lingering longer than ever in victims’ networks, and making attacks harder to spot and remediate.
As a result, tool overload is doing real damage to cybersecurity. According to IBM’s annual Cyber Resilient Organisation Report, organisations that use over 50 cybersecurity tools score lower in their ability to mitigate threats than companies that use fewer tools.
How to Fight Risk with Consolidation
The core message of our webinar is this: Consolidating security tools can help companies improve security while spending less overall.
One reason is that consolidation helps maximise the value of the most important asset in your organisation: the people behind the screens.