April 17, 2020 By Anshul Garg 3 min read

Cybersecurity leaders and security teams are going through a tough phase. On one hand, cyberattacks are at an all-time high with 8.5 billion records breached in 2019 and ransomware attacks up 67 percent year-over-year in Q4 2019, according to the X-Force Threat Intelligence Index. On the other hand, security leaders are faced with the problem of security complexity. According to research by Forrester, the biggest problem security leaders have identified for their business is complexity.

I recently had an opportunity to chat about the complexity in today’s security landscape with Joseph Blankenship, vice president and research director at Forrester Research, and James Murphy, senior offering manager at IBM Security, during a webinar. The conversation began on a nostalgic note with Blankenship drawing an interesting comparison between security complexity and a practice called defragmentation.

Defragmentation was a computer junkie’s (like myself) favorite pastime in the late ’90s. Users would run the “defragment” program on their Windows PCs to reallocate storage and use the computers’ RAM in the most efficient fashion. The process would typically help improve the performance of the computer. But are there any best practices we can learn from this defragmentation process to improve our security ecosystem?

A Complex Ecosystem of Security Products

If we look at the ecosystem, we’ll see point products that we have added over time to address individual use cases. In most instances, these point products have different consoles, different syntax and require specialized resources to manage. Effective security architecture requires products to work together to share telemetry data, identify and remediate vulnerabilities, meet compliance demands and more. Unfortunately, this is not happening in the current environment, a problem that is becoming more expensive to manage.

Blankenship gave a unique perspective on this and introduced a concept that I think is helpful here: expense in depth. With organizations buying all of these individual point products, they have spent budget on capital and operational expenditures, and much more on the skilled personnel to manage the products and their integrations, to the point that these expenses are layered on top of each other. In other words, the resources required to manage each layer of tech overhead exceed the return on investment.

How a Security Platform Can Help Reduce Complexity

One of the ways to mitigate the challenge of having too many tools, too much data and too few resources is through a comprehensive security platform. In simple terms, implementing a security platform is a way to hide all the complexity from the user and provide the user with a single console to work from, with the platform managing all integrations internally.

In our conversation, Blankenship discussed the different models of security platforms and some of the key characteristics that organizations should look for: offering new capabilities without a new install, supporting both open-source and commercial tools, removing the work of manual integrations and more.

Once we talked about common security challenges and possible solutions — and explored security platforms in detail — Murphy gave an overview of how IBM is addressing security complexity with IBM Cloud Pak for Security, a security platform that helps security professionals uncover hidden threats, make informed, risk-based decisions and prioritize the team’s time. It can also connect to existing data sources to generate deeper insights without requiring teams to move their data.

The webinar we recorded includes a quick demo of Cloud Pak for Security so viewers can see it in action and better understand how the platform brings together security data and workflows into a unified experience, with no data migration required.

A Worthwhile Discussion on the Value of Security Platforms

I enjoyed and learned a lot from this conversation. It was beneficial to hear Blankenship outline common security challenges based on his client interactions and share his unique perspective on solving them. I loved the connection to defragmentation as well as the numerous references he made to Star Wars and Lego sets. After hearing Blankenship’s presentation and walking through the benefits of the platform, it was easy to see how Cloud Pak for Security is a unique solution that can help address many of the challenges in today’s industry.

If you want to learn more about simplifying security with a platform approach, or if you’re just a Star Wars fan or Lego enthusiast, the full conversation is a must-listen.

More from CISO

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Boardroom cyber expertise comes under scrutiny

3 min read - Why are companies concerned about cybersecurity? Some of the main drivers are data protection, compliance, risk management and ensuring business continuity. None of these are minor issues. Then why do board members frequently keep their distance when it comes to cyber concerns?A report released last year showed that just 5% of CISOs reported directly to the CEO. This was actually down from 8% in 2022 and 11% in 2021. But even if board members don’t want to get too close…

The CISO’s guide to accelerating quantum-safe readiness

3 min read - Quantum computing presents both opportunities and challenges for the modern enterprise. While quantum computers are expected to help solve some of the world’s most complex problems, they also pose a risk to traditional cryptographic systems, particularly public-key encryption. To ensure their organization’s data remains secure now and in the future, chief information security officers (CISOs) should educate themselves about quantum computing, proactively address the coming quantum risks to cybersecurity and work to establish cryptographic agility in their enterprise.A future cryptographically…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today