What is your biggest challenge when trying to consolidate security tools?

Strategy & ArchitectureSecurity & GRCThreat & Vulnerability Management+3 more
1.1k views2 Upvotes4 Comments
Sort By:
Oldest
Head of Information and Data Analytics in Software3 years ago
My observation is there were too many point solutions. There is a flavor of the month compliance. GDPR happens and a whole bunch of tools pop up that go after GDPR. Then something else happens, so you want SAS security, there is a tool for that. Now, part of the problem is the VCs want to invest in point solutions that would get quick returns and an exit for the company. But from a practitioners point of view, it's a nightmare. Each tool doesn't talk to the other.
1 1 Reply
CEO and Co-Founder in Software3 years ago

This is true. When you see returns of 50, 60 multiples on startups, what are you going to do? You're going to fund, you keep funding. All you need is one success. At least you made your money back for your LPs.

CEO and Co-Founder in Software3 years ago
Go back 10, 12 years. First, there was very limited logging. Storage became cheap, computers became cheap, and people had money. When you have two recessions, cash becomes cheap. Since 2008, all these guys were getting 0% interest rates. Every Corporation had billions of dollars. So they'll build whatever they can, and then one thing they told everybody is just freaking go log everything. Compute doesn't cost you anything, so you start logging everything. Now you're drowning in data. You don't know where to start where to end. 

Then we started buying different tools. At RiskSense we focus on prioritization. It's pre-alert, pre incident. It's about if you have a weakness, if you have a vulnerability, if you have a misconfiguration, what would an attacker do? It's that hacker's mindset. When you talk about cloud-based pen testing, cloud-based analysis. Our mission is to spot the vulnerabilities before an attacker does.  So what do you have to look at as indicators of attack? What is that one thing an attacker is going after? You can make a grave mistake by not setting up MFA. All your cloud, your SAS, they all come with MFAs. If you don't, then that one single control you're believing is going to help you is pretty much useless. This is simple hygiene and in all NPM.
lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals
VP, Director of Cyber Incident Response in Finance (non-banking)3 years ago
There's a lot of overlap in functionality between various security tools.  This results in inefficiency in terms of cost, compute power and response.  Take a look at the various cloud platforms.  GCP, AWS, Azure, etc all have their unique security tools in them.  And they don't play nice together.  So, you either need to learn them all, or buy another tool to do it for you.

Then it seems like I never fully utilize the tools I have.  And then I get challenged on the value of the tool.

And then a new tool comes along ......
1

Content you might like

If you have had a negative experience with a vendor (without naming the vendor), what did you learn from it?

Financial ManagementVendor Management
VP of Global IT and Cybersecurity in Manufacturing6 years ago
Have clear business requirements up front, make sure the proposal includes items such as scope, timeline, cost, resources.
Read More Comments
22.1k views3 Upvotes28 Comments

What is your primary deciding factor in adopting enterprise search?

Strategy & ArchitectureCloudEnd-User Services & Collaboration+26 more

TCO19%

Pricing26%

Integrations21%

Alignment with Cloud Provider7%

Security10%

Alignment with Existing IT Skills4%

Product / Feature Set7%

Vendor Relationship / Reputation

Other (comment)

View Results
5.7k views3 Upvotes1 Comment

Any recommendations for a comprehensive GenAI learning platform?

EngineeringData & AnalyticsSecurity Strategy & Roadmap+4 more
IT Manager in Constructiona month ago
Hello,
the topic is so broad, what are you focused on?
Read More Comments
4.8k views2 Upvotes5 Comments

In the past 6 months, have you seen an uptick in targeted cyberattacks on telehealth devices and networks?

Security & GRCNetworkThreat & Vulnerability Management+2 more

No Increase16%

1-5% increase47%

6-25% increase24%

26-50% increase6%

51-75% increase1%

76%+1%

Other2%

View Results
1.7k views1 Upvote

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Applications & PlatformsCloudData & Analytics+15 more
Head of Enterprise Architecture MERCK Group in Healthcare and Biotecha year ago
Strategy & Architecture
Read More Comments
39k views5 Upvotes34 Comments