Non-integrated point solutions make enterprise cyber security more challenging, thereby damaging confidence in security, according to a plurality of IT and security professionals.
Adding multiple products from different suppliers simply adds more complexity and can potentially undermine the organisation’s security.
Cisco’s network security unit is also banging the drum for unified security solutions with its SecureX platform, a cloud-native security platform.
Non-integrated point solutions make enterprise cyber security more challenging, thereby damaging confidence in security, making it harder to gain an accurate picture of what is going on, and wasting time managing multiple suppliers, according to a plurality of IT and security professionals. This is the key finding of a Dimensional Research survey of 411 security specialists conducted on behalf of security firm Check Point, which set out to examine IT leaders’ attitudes towards consolidated security services.
The study found that close to 50% of organisations tended to deploy anywhere between six and 40 security products around their estate, and virtually every organisation quizzed used multiple suppliers, with larger organisations tending to use more. A total of 98% of organisations said they were using multiple consoles to manage these products, making it impossible to get a truly holistic view of the threat landscape and complicating responses to any incidents that flare up.
Read more: CISA RELEASES FIRST OF ITS SERIES OF SIX CYBERSECURITY ESSENTIALS TOOLKITS
Some organisations operate under the false assumption that more products translate to more security. However, in this situation, global security leaders should adopt the less is more mentality
~ said Ian Porteous, Check Point regional director
Meanwhile, the never-ending process of maintenance, upgrade, contract renewals and other activities related to “the care and feeding” of a security solution caused a headache for 79% of security professionals. Adding multiple products from different suppliers simply adds more complexity and can potentially undermine the organisation’s security. Enterprises need a consolidated cyber security solution that strengthens their defences while improving their agility against all forms of attack.
Check Point said that many of those who responded to the study believed prioritising supplier consolidation would lead to a better overall security posture, and many were taking advantage of the shifts occasioned by the Covid-19 coronavirus pandemic to reassess their needs. The findings support Check Point’s own views that reducing the number of suppliers enables organisations to enable a higher level of security through superior integration and fewer functional gaps between the protections that each product delivers.
That is what we need to do in the next decade – to try, as much as possible, to make security simple, available and uniform, so it can fight these threats.
At Check Point’s CPX360 event in February 2020, the firm unveiled its Infinity Next concept, which it said will address the concerns of chief information security officers (CISOs), who say that they have too much technology and too many products; of security engineers, who say that they are overwhelmed and cannot secure clouds and internet of things (IoT) estates; and DevOps teams, who say security should be automated and that they cannot wait for human approval.
Check Point does not, however, have the field all to itself. Cisco’s network security unit is also banging the drum for unified security solutions with its SecureX platform, a cloud-native security platform set to unify visibility across the supplier’s security portfolio and user infrastructure, enabling automated security workflows, and incorporating managed threat-hunting capabilities.
“We’re trying to solve the number one problem that every CISO has – that these environments have been built to be highly fragmented,” said Cisco chief security officer John Maynard. “The vast majority of customers have a multi-supplier security estate, and struggle with orchestrating alerts and driving remediation at scale across that fragmented landscape.”
Read more: CISCO TO SECURE ITS BLOCKCHAIN-AS-A-SERVICE (BAAS) PLATFORM FOR ENTERPRISE SECURITY