Cybersecurity leaders and security teams are going through a tough phase. On one hand, cyberattacks are at an all-time high with 8.5 billion records breached in 2019 and ransomware attacks up 67 percent year-over-year in Q4 2019, according to the X-Force Threat Intelligence Index. On the other hand, security leaders are faced with the problem of security complexity. According to research by Forrester, the biggest problem security leaders have identified for their business is complexity.

I recently had an opportunity to chat about the complexity in today’s security landscape with Joseph Blankenship, vice president and research director at Forrester Research, and James Murphy, senior offering manager at IBM Security, during a webinar. The conversation began on a nostalgic note with Blankenship drawing an interesting comparison between security complexity and a practice called defragmentation.

Defragmentation was a favorite pastime of computer junkies (like myself) in the late ’90s. Users would run the “defragment” program on their Windows PCs to reallocate storage and use the computers’ RAM in the most efficient fashion. The process would typically help improve the performance of the computer. But are there any best practices we can learn from this defragmentation process to improve our security ecosystem?

A Complex Ecosystem of Security Products

If we look at the ecosystem, we’ll see point products that we have added over time to address individual use cases. In most instances, these point products have different consoles, different syntax and require specialized resources to manage. Effective security architecture requires products to work together to share telemetry data, identify and remediate vulnerabilities, meet compliance demands and more. Unfortunately, this is not happening in the current environment, a problem that is becoming more expensive to manage.

Blankenship gave a unique perspective on this and introduced a concept that I think is helpful here: expense in depth. With organizations buying all of these individual point products, they have spent budget on capital and operational expenditures, and much more on the skilled personnel to manage the products and their integrations, to the point that these expenses are layered on top of each other. In other words, the resources required to manage each layer of tech overhead exceed the return on investment.

How a Security Platform Can Help Reduce Complexity

One of the ways to mitigate the challenge of having too many tools, too much data and too few resources is through a comprehensive security platform. In simple terms, implementing a security platform is a way to hide all the complexity from the user and provide the user with a single console to work from, with the platform managing all integrations internally.

In our conversation, Blankenship discussed the different models of security platforms and some of the key characteristics that organizations should look for: offering new capabilities without a new install, supporting both open-source and commercial tools, removing the work of manual integrations and more.

Once we talked about common security challenges and possible solutions — and explored security platforms in detail — Murphy gave an overview of how IBM is addressing security complexity with IBM Cloud Pak for Security, a security platform that helps security professionals uncover hidden threats, make informed, risk-based decisions and prioritize the team’s time. It can also connect to existing data sources to generate deeper insights without requiring teams to move their data.

The webinar we recorded includes a quick demo of Cloud Pak for Security so viewers can see it in action and better understand how the platform brings together security data and workflows into a unified experience, with no data migration required.

A Worthwhile Discussion on the Value of Security Platforms

I enjoyed and learned a lot from this conversation. It was beneficial to hear Blankenship outline common security challenges based on his client interactions and share his unique perspective on solving them. I loved the connection to defragmentation as well as the numerous references he made to Star Wars and Lego sets. After hearing Blankenship’s presentation and walking through the benefits of the platform, it was easy to see how Cloud Pak for Security is a unique solution that can help address many of the challenges in today’s industry.

If you want to learn more about simplifying security with a platform approach, or if you’re just a Star Wars fan or Lego enthusiast, the full conversation is a must-listen.
