April 17, 2020 By Anshul Garg 3 min read

Cybersecurity leaders and security teams are going through a tough phase. On one hand, cyberattacks are at an all-time high with 8.5 billion records breached in 2019 and ransomware attacks up 67 percent year-over-year in Q4 2019, according to the X-Force Threat Intelligence Index. On the other hand, security leaders are faced with the problem of security complexity. According to research by Forrester, the biggest problem security leaders have identified for their business is complexity.

I recently had an opportunity to chat about the complexity in today’s security landscape with Joseph Blankenship, vice president and research director at Forrester Research, and James Murphy, senior offering manager at IBM Security, during a webinar. The conversation began on a nostalgic note with Blankenship drawing an interesting comparison between security complexity and a practice called defragmentation.

Defragmentation was a computer junkie’s (like myself) favorite pastime in the late ’90s. Users would run the “defragment” program on their Windows PCs to reallocate storage and use the computers’ RAM in the most efficient fashion. The process would typically help improve the performance of the computer. But are there any best practices we can learn from this defragmentation process to improve our security ecosystem?

A Complex Ecosystem of Security Products

If we look at the ecosystem, we’ll see point products that we have added over time to address individual use cases. In most instances, these point products have different consoles, different syntax and require specialized resources to manage. Effective security architecture requires products to work together to share telemetry data, identify and remediate vulnerabilities, meet compliance demands and more. Unfortunately, this is not happening in the current environment, a problem that is becoming more expensive to manage.

Blankenship gave a unique perspective on this and introduced a concept that I think is helpful here: expense in depth. With organizations buying all of these individual point products, they have spent budget on capital and operational expenditures, and much more on the skilled personnel to manage the products and their integrations, to the point that these expenses are layered on top of each other. In other words, the resources required to manage each layer of tech overhead exceed the return on investment.

How a Security Platform Can Help Reduce Complexity

One of the ways to mitigate the challenge of having too many tools, too much data and too few resources is through a comprehensive security platform. In simple terms, implementing a security platform is a way to hide all the complexity from the user and provide the user with a single console to work from, with the platform managing all integrations internally.

In our conversation, Blankenship discussed the different models of security platforms and some of the key characteristics that organizations should look for: offering new capabilities without a new install, supporting both open-source and commercial tools, removing the work of manual integrations and more.

Once we talked about common security challenges and possible solutions — and explored security platforms in detail — Murphy gave an overview of how IBM is addressing security complexity with IBM Cloud Pak for Security, a security platform that helps security professionals uncover hidden threats, make informed, risk-based decisions and prioritize the team’s time. It can also connect to existing data sources to generate deeper insights without requiring teams to move their data.

The webinar we recorded includes a quick demo of Cloud Pak for Security so viewers can see it in action and better understand how the platform brings together security data and workflows into a unified experience, with no data migration required.

A Worthwhile Discussion on the Value of Security Platforms

I enjoyed and learned a lot from this conversation. It was beneficial to hear Blankenship outline common security challenges based on his client interactions and share his unique perspective on solving them. I loved the connection to defragmentation as well as the numerous references he made to Star Wars and Lego sets. After hearing Blankenship’s presentation and walking through the benefits of the platform, it was easy to see how Cloud Pak for Security is a unique solution that can help address many of the challenges in today’s industry.

If you want to learn more about simplifying security with a platform approach, or if you’re just a Star Wars fan or Lego enthusiast, the full conversation is a must-listen.
