The importance of synchronizing isolated security solutions

The growing number of siled security solutions that make up so much of a modern organization’s security stack is creating major headaches for corporate cybersecurity teams. Existing solutions lack the ability to gain contextual insights, and analysts don’t have the time or resources to bring together wide ranges of data points accumulated across different channels.

This results in an inability to fully predict and understand the scope of flagged threats. And that leaves organizations vulnerable.

To hedge their bets, threat actors look to target an enterprise through multiple attack vectors. This strategy has become much simpler as companies continue to adopt new SaaS applications, web applications, cloud collaboration tools and shared cloud storage units.

With the number of vulnerable channels only expanding, so too is the number of security solutions being deployed, making the interconnection of an organization’s cybersecurity solutions essential to the continuous and efficient protection of the organization.

With the increasing sophistication and frequency of cyber attacks, security professionals rely on an ever-increasing number of cyber defense tools. On average, organizations use 45 different cybersecurity tools to keep their systems secure, and many companies deploy more than that.

With such a bloated list of solutions, they often undermine each other. Security teams operating more than 50 tools are 8% less effective in detecting an attack and 7% less effective in responding to one. Clearly, siled security solutions are leaving organizations vulnerable.

Furthermore, as the arsenal of disconnected solutions continues to expand, it becomes less and less sustainable for security personnel to jump from one threat defense tool to another. The isolation of all these solutions obscures the company’s holistic view of its security status and important aspects of contextual analysis. And think of the overhead many of these tools require for setup and management.

Sixty percent of cybersecurity professionals admit that their current security tools do not allow their security operations team to work at peak efficiency. Eight and four percent estimate that their organization has lost up to 10% of revenue from security breaches in the past 12 months.

These percentages will continue to rise as security teams respond to rising threats with more tools, especially as they struggle to protect against new attack vectors. With each new work tool (or personal tool, such as WhatsApp) adopted by users, areas of vulnerability not covered by traditional corporate security solutions increase. As reliance on new cloud-based work tools increases and hybrid working becomes the norm, corporate operations become more complex and siled security data becomes more of an issue.

consolidation, consolidation, consolidation

There is no silver bullet for dealing with threat actors. However, it is vital that cybersecurity professionals consolidate their tools to streamline communications and manage incidents quickly and effectively. As much as possible, security professionals should be able to view activities and data provided by cyber and IT applications from a single platform. This way, they can holistically assess the organization’s security situation and fill in gaps with ease.

While the cybersecurity industry is heading towards consolidation with the emergence of effective extended detection and response (XDR) tools, the market is far from reaching full maturity. Meanwhile, there is still a need for tailored solutions that address different threats and attack vectors.

So some level of synchronization between these different tools is vital. The industry is already seeing this in the form of multi-vendor partnerships that integrate multiple tools into one platform.

Breaking down security in silos

For example, enterprise platforms like Salesforce are partnering with third-party vendors to bolster cybersecurity capabilities, allowing users to integrate their niche application security into their broader network security. Cybersecurity EDR vendors such as SentinelOne and CrowdStrike partner with multiple third-party vendors to provide customers with coverage compatible with their own solution, to increase their customers’ security posture and unify management.

Security leaders must lead the vendor community to deliver highly integrated solutions that provide actionable insight into connections as well as contextual analysis across seemingly disparate issues to prevent and remediate malicious activity. The built-in compatibility between different solutions will also reduce the manual workload required of security teams and allow them to better use their time, dealing with cyber threats more effectively. This should be supported by machine learning (ML) and artificial intelligence (AI) to further reduce the manual workload.

A hodgepodge of isolated and disconnected solutions can cause more problems than solutions. A cybersecurity team’s inability to see the big picture (and more) is a major vulnerability for businesses and impedes a team’s ability to prevent and act against threats. This is especially true if threats work on multiple levels, as is increasingly the case.

In the current economic climate, cost-cutting measures are impacting every organization, and a security team’s time has become even more precious. Therefore, for the security of an organization, it is vital that your time is spent as efficiently as possible.

As the industry prepares for an increasingly complex wave of threats, breaking down silos and building synchronicity is imperative to your success.

Yoram Salinger is CEO of Perception Point.