For a secure cyber capability, less is more

Artificial intelligence and automation are critical tools for good cyber hygiene but many organizations have too many spot solutions that cloud their environments.

Operational and financial risks of data loss and cybercrime continue to dominate headlines across the country. To respond to these constant and real-time threats, artificial intelligence and automation are increasingly vital tools to secure networks.

These cost-effective technologies can block new threats almost instantly, at faster-than-human speeds, reducing the detection time to seconds and response to thwart these attacks to minutes - so why aren’t more organizations leveraging AI and machine learning in their security? 

The simple answer is that the ability of these AI-driven security technologies to reduce detection and response time down to mere minutes is dependent on access to an enterprise’s comprehensive real-time data - whether it’s network traffic, endpoint or cloud-based information. This sort of comprehensive, clear line-of-sight data allows automated, AI-powered technologies to identify unusual activity and respond quickly, alerting security teams, isolating an impacted endpoint device or deploying a solution quickly.  

Unfortunately, it’s hard for many organizations to take advantage of AI-powered technologies because of their networks’ historically layered systems with multiple security solutions.

The situation only becomes more complicated as cloud and hybrid workforces go mainstream. Many organizations spend too much time and effort integrating disparate technologies when they should be leveraging automation and intelligence across their enterprise.

Despite the trend towards cherry-picked services, a recent survey found that 34% of respondents listed “too many security vendors” as their biggest challenge in managing cybersecurity. More than 75% of respondents had 6 or more cybersecurity vendors, and more than half of that group had 10 or more.

In another survey by Gartner, 75% of organizations plan to consolidate the number of security vendors in 2023, not chiefly to save money, but 65% said the goal was to improve their risk posture. 

This sort of security vendor sprawl is challenging for several reasons, not only because it’s expensive and inefficient. Using software from multiple vendors makes it difficult for an organization’s security leaders to have clear visibility into their systems. It also limits the usefulness of automated, AI-powered monitoring and response systems which can significantly improve an organization’s security posture and response time to incidents.

Put simply - The value of AI is real. However, without a proven system-wide security platform, being able to harness the value of AI to reduce breach time to milliseconds is a fantasy. 

As organizations continue investing in cybersecurity, it’s important to think about long-term cost, efficiency through the use of AI-powered automation, and risk - and that often means reducing their number of cybersecurity vendors. 

Resource Cost 

Greater efficiency and reduced costs are a top priority for many companies and government agencies that understand the need to protect data without straining budgets or bandwidth. This often means they end up looking for the cheapest vendors with fragmented capabilities and unfortunately, that can come with unexpected consequences such as overspending financial and staff resources, leaving gaps in security between products and inconsistent security throughout the network.

Security Efficiency

The evolving pace of cyber attacks further increases the need for efficiency - securing your network one piece, or product, at a time is just as efficient as making automobiles one by one (and not ever Rolls Royce does this anymore). Increasingly, successful cybersecurity demands we look at how the security network works together, instead of in silos, and more than a third of all industry respondents listed efficiency/productivity among their top three priorities over the next two years.  

A recent Gartner study found that in 2022, 75% of organizations were looking to consolidate their vendors compared to almost 30% two years before due to concerns about “operational inefficiencies and the lack of integration” of their security products. 

Efficiency is driven not just through the consolidation of vendors, but also through the use of machine learning and AI-driven technologies which can detect and respond in real-time to the discovery of unknown malicious threats. These technologies also free up an organization’s security analysts to focus on higher level issues. 

Reducing “Trust” Risks 

Consolidation reduces overall cybersecurity risk; with too many systems in place, inconsistent enforcement can result in trusting some users with too much network access. This goes directly against cybersecurity best practices, or a zero-trust architecture system, which requires users to be verified numerous times as they work across a network. This architecture reduces risks posed by roaming devices, such as a work laptop connecting to a home network that also hosts insecure IoT devices. 

Businesses should be looking for trusted partners that will be good stewards of their security. Purchasing the latest trends in cyber to solve specific problems is only valuable if businesses choose an innovation partner that can integrate functionality across an entire network, including with AI-powered technologies.

Consolidated platforms integrate cyber capabilities to coordinate and automate prevention, detection, and response. Using shared intelligence, security platforms give security operations teams the data to close security gaps and fully secure their attack surfaces. The consequences are substantial.

Even well-intentioned and motivated companies will be more vulnerable to attacks.