Simplifying the adoption of security tools for increased cybersecurity protection
Article by Daniel Kwong, Field Chief Information Security Officer (CISO) for South East Asia and the Hong Kong region, Fortinet
With networks more complex and distributed, threat detection and response are more difficult than ever. As a consequence, organizations are deploying more and more security solutions across their networks. However, this exacerbates security sprawl, giving rise to an untenable situation marked by a lack of centralized management which raises complexity, fragments visibility, and limits incident response.
According to Kearney, more than 25% of organizations in Southeast Asia have more than 10 cybersecurity vendors, while 36% say they deploy more than 10 cybersecurity solutions. A large number of security products in organizations increases complexity, integration costs, and staffing requirements. Furthermore, a joint report by Microsoft and Marsh found that Asian organizations experienced far more breaches than global peers, while over a third of respondents from the region only re-evaluated cybersecurity deployments after an incident.
At the same time, an acute skills gap afflicts the region. Findings from the “2021 (ISC)² Cybersecurity Workforce Study” indicate that the region’s workforce gap stands at 1.42 million, the largest globally. Exacerbating the security sprawl, the skills shortage poses yet another risk that threatens to jeopardize the cyber resilience and competitiveness of regional organizations.
With these risks in tandem with rapidly expanding digital attack surfaces, organizations will find it increasingly difficult to protect against advanced threats. An assortment of point security products creates silos and aggravates the disconnect between IT and SecOps, raising the risk of cyber events and breaches. IT and security professionals are facing challenges in managing assets, maintaining visibility, and integrating multiple security vendors.
A cohesive and reliable solution with clear visibility and consistent control will then be nigh on impossible. Simply put, if tools are not designed to natively work together, IT teams are forced into bolting together solutions through complicated workarounds. The troubleshooting required for maintenance means that such workarounds consume a considerable amount of IT overhead and put logistical efficiency at risk.
Integration is Imperative
Amid these myriad risks, organizations need the ability to securely introduce digital innovation, so that digitization does not run the risk of compromising their ability to shield against cyber threats. However, complex and fragmented infrastructures from assorted point security products obscure network and security operations as they typically operate in silos.
In a survey earlier this year, we found that more than 80% of organizations are either actively planning to work with cybersecurity vendors for a consolidation strategy or are looking forward to doing so in the not-too-distant future.
Improving integration and consolidating security reduce functional gaps, enabling organizations to reap considerable savings and efficiencies around costs and resource allocations. In turn, this frees up organizations to shore up their cyber resilience.
Using a single, central set of tools, procedures, and systems removes silos through a centralized network. However, for this management model to be successful, eliminating complexity and simplifying network operations are critical. Centralized management needs to span all distributed branch environments so that configurations and policies can be delivered and orchestrated to enable swift identification and correction of weaknesses.
Through centralized network security management, organizations wrest back control of all security features via a single server. In practical terms, handling data streams to and from a single server ensures organizations unify visibility to beef up data security, while removing redundancies.
Realizing Real Comprehensive Integration
With the emergence of more and more sophisticated threats, organizations need to be able to keep up with a highly dynamic cybersecurity threat landscape.
Here is where integrating advanced threat intelligence into threat response processes is crucial. Doing so immediately evolves the security posture of organizations, ensuring preparedness against the latest threats and trends. To be on the ball and take the sting out of impending threats, organizations need to be able to integrate different security products and modules by coupling them to one another through standardized interfaces combined with a unique framework design.
To address security sprawl, organizations must prioritize solutions that allow increased visibility into the threat landscape. Standardized threat intelligence across the digital architecture allows insights from security tools to be quickly leveraged, enabling coordinated and automated responses.
Adopting broad, integrated, and automated platforms is vital to achieving interoperability across a vast ecosystem of network environments and third-party solutions. Such platforms provide centralized management and visibility, as well as end-to-end automation, by adapting to changing network environments.
Through a cohesive, fully integrated security infrastructure, organizations arm themselves with unified protection, actionable threat intelligence, and automated real-time advanced detection across the threat surface. As a result, organizations not only reduce the effort needed for managing the IT infrastructure but also keep their networks and can confidently manage their entire security infrastructure.
The views in this article are those of the author and may not reflect the views of Tech Wire Asia.