• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

5 Steps to Mitigating Security Tool Sprawl

October 3, 2019 By The Editor

According to a Forrester survey of IT decision-makers, more than half of businesses use 20 or more tools between security and operations, and 70% say these tools lack full integration. This is a prime example of tool sprawl, or adoption of too many one-off specialized solutions. Unfortunately, tool sprawl is a growing issue for many organizations – a trap that’s been made easier to fall into with the advent of cloud and software-as-a-service (SaaS). Using too many tools can reduce productivity, dramatically complicate management workflows, and inflate costs significantly.

Where security is concerned, WatchGuard’s director of product management, Himanshu Verma, says that simply deploying more technologies isn’t the best way to prevent cyber incidents and can in fact have the opposite effect. Here’s a brief excerpt from Himanshu’s recent guest article for Dark Reading on the subject:

“Every organization should be on guard against security tool sprawl. With the increase in IT security spending and the growing adoption of new defense technologies, network administrators often find themselves toggling between a large roster of security solutions with overlapping use cases and functionality — sometimes across up to 10 or more in specific functional areas (based on conversations I’ve had network admin customers and resellers who work with them). This creates many issues, including everything from licensing costs to reduced productivity and increased chances of missing or mishandling critical patches and bug fixes.

IT decision-makers within organizations of all sizes should focus on putting measures into place that curb security tool sprawl and curtail the serious security issues that can arise as a result. Here are several key best practices that every organization can use to avoid security tool sprawl:

  1. Clearly identify the scope and entities of coverage required before deploying a new security tool. It’s critical that you understand the various components of the IT infrastructure at hand (that is, network, endpoint, wireless, identities, etc.) and map security coverage across individual use cases (such as users, applications, physical, virtual, etc.). This will allow you to explore opportunities for consolidation when choosing the appropriate security solutions.
  2. Take a platform-based approach to security, leveraging connectors and integrations. Look for platforms that offer layered security services across multiple use cases with a wide breadth of coverage either natively or with seamless technology integrations.”

Check out the full article on Dark Reading for three more of Himanshu’s tips for avoiding security tool sprawl. Stay tuned to Secplicity for more security news, analysis and best practices, and be sure to sign up for the Secplicity Email Newsletter to get the latest updates delivered straight to your inbox.

Share This:

Related

Filed Under: Editorial Articles, Featured

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • An Update on Section 230

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use