While cybersecurity professionals always want more tools, more often than not they’re dealing with too many tools delivering identical services. The redundancy is causing confusion and more importantly, cost. Why should you pay for it? How does it happen and how do InfoSec leaders consolidate tools?
Check out this post and discussion for the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest for this episode is Adam Glick, vp, cybersecurity, Brown Brothers Harriman.
Got feedback? Join the conversation on LinkedIn.
Thanks to this week’s podcast sponsor, SpyCloud
On this episode of Defense in Depth, you’ll learn:
- The tools bloat problem does not happen overnight.
- Often you have no choice with tools bloat. It’s a function of the industry that companies add new capabilities and they acquire companies so you start to get redundancy even if you didn’t plan on it.
- You can run into the trap of having excellent independent tools, but then they cause overlap and because they’re independent and not integrated you eventually fall on the side of going with the lesser tool because it has integration with other capabilities.
- Best of breed doesn’t sit still. It starts to morph and doesn’t necessarily become the best anymore.
- Even if you did a great job consolidating, you can’t set it and forget it. Given the industry’s behavioral morphs and your growing needs, you’ll need to revisit the issue at least once or twice a year.
- You need to do a tools audit.
- A lot of political issues will come into play as people will defend the tools they love, built upon, and use. If you can’t figure out a way to mediate, you’ll need to hire a third party to do the audit and make the assessment.
- Integration is critical. If there aren’t APIs and other ways for the tools to communicate, it doesn’t matter how awesome it is, the tool will need to be dumped.