Ovum Insights - Have you ever heard of security tool fatigue? You will
Navisite recently sponsored research conducted by Ovum, presented in a white paper - Tackling Increasingly Complex Security Challenges - which considered the extent of cybersecurity threats faced by businesses and their strategies for dealing with these threats. As part of a series of blogs looking at the key points raised by the research, we explore a key phrase used by Ovum - “security tool fatigue” - and what it means for your business.
Never heard of security tool fatigue? You will…
Comprehensive security protection requires an increasingly complex blend of tools and safeguards. And as more platforms, cloud services and systems are added to your infrastructure, the number of tools required to manage and protect them also grows.
Far from simplifying administration, these tools are actually making life harder for security engineers. In addition to the alerts being generated natively by applications and infrastructure, engineers must now monitor and address the messages being generated by their tools too.
This has created a phenomenon known as “alert fatigue”, where the number of messages vying for attention becomes unmanageable. When this happens, important alerts tend to be missed (or ignored), leaving identified security vulnerabilities open to exploitation.
The situation is worsening - security tool fatigue
In an ideal world, security tools would be rationalized and centralized – but costs are significant. According to Ovum’s research, 90%+ of organizations are expending more than 10% of their security resources (staff and budget) on integrating and maintaining their security tools and products.
Your business cannot afford to not deploy these tools. But at the same time you cannot absorb infinitely increasing support costs. Every penny spent on managing the tools that manage security is a penny taken away from the strategic projects that will help your business grow.
But it’s not just a case of money either. Where your security team is already struggling with alert fatigue, they face yet another syndrome – security tool fatigue.
IT security is a fast-moving field and engineers simply cannot keep pace with developments, either in terms of new vulnerabilities or the tool enhancements designed to deal with them. Instead they focus on a smaller subset of tools and vulnerabilities; if your team doesn’t have all the tools and applications covered, gaps will quickly open in your defenses – and no one will know until it is too late.
Security tool fatigue is completely understandable – even when your business employs a large, full-time security team. But allowing these lapses to go unchallenged and unresolved is unacceptable.
Instead your business needs to look at how best to reduce – or share – the ever-increasing burden of IT security.
The secret of tireless security
When faced with unmanageable processes, the usual quick fix is to outsource roles and processes to a specialist. But in the case of IT security, this may be overly simplistic.
A partner with a dedicated team of specialists, who take on responsibility for managing your security tools and keeping abreast of industry developments, is a great start. But you need to ensure that they have the necessary resources in place to keep pace with those developments.
As the increase in system alerts has shown, system messages cannot always be managed and actioned manually. So ask questions: is your partner implementing or using machine learning technologies capable of identifying and actioning security alerts automatically? What do their managed detection and response services include? How will they complement your existing team? How do they remediate threats once they have manifested?
In-house users remain the most serious threat to network security as mistakes and poor practice leave attack surfaces open to attackers. As security tool fatigue becomes more common, those risks become even greater. You should consider and address these conditions now before they begin to cause problems for your organization.