Cybersecurity leaders and security teams are going through a tough phase. On one hand, cyberattacks are at an all-time high with 8.5 billion records breached in 2019 and ransomware attacks up 67 percent year-over-year in Q4 2019, according to the X-Force Threat Intelligence Index. On the other hand, security leaders are faced with the problem of security complexity. According to research by Forrester, the biggest problem security leaders have identified for their business is complexity.
I recently had an opportunity to chat about the complexity in today’s security landscape with Joseph Blankenship, vice president and research director at Forrester Research, and James Murphy, senior offering manager at IBM Security, during a webinar. The conversation began on a nostalgic note with Blankenship drawing an interesting comparison between security complexity and a practice called defragmentation.
Defragmentation was a computer junkie’s (like myself) favorite pastime in the late ’90s. Users would run the “defragment” program on their Windows PCs to reallocate storage and use the computers’ RAM in the most efficient fashion. The process would typically help improve the performance of the computer. But are there any best practices we can learn from this defragmentation process to improve our security ecosystem?
A Complex Ecosystem of Security Products
If we look at the ecosystem, we’ll see point products that we have added over time to address individual use cases. In most instances, these point products have different consoles, different syntax and require specialized resources to manage. Effective security architecture requires products to work together to share telemetry data, identify and remediate vulnerabilities, meet compliance demands and more. Unfortunately, this is not happening in the current environment, a problem that is becoming more expensive to manage.
Blankenship gave a unique perspective on this and introduced a concept that I think is helpful here: expense in depth. With organizations buying all of these individual point products, they have spent budget on capital and operational expenditures, and much more on the skilled personnel to manage the products and their integrations, to the point that these expenses are layered on top of each other. In other words, the resources required to manage each layer of tech overhead exceed the return on investment.
How a Security Platform Can Help Reduce Complexity
One of the ways to mitigate the challenge of having too many tools, too much data and too few resources is through a comprehensive security platform. In simple terms, implementing a security platform is a way to hide all the complexity from the user and provide the user with a single console to work from, with the platform managing all integrations internally.
In our conversation, Blankenship discussed the different models of security platforms and some of the key characteristics that organizations should look for: offering new capabilities without a new install, supporting both open-source and commercial tools, removing the work of manual integrations and more.
Once we talked about common security challenges and possible solutions — and explored security platforms in detail — Murphy gave an overview of how IBM is addressing security complexity with IBM Cloud Pak for Security, a security platform that helps security professionals uncover hidden threats, make informed, risk-based decisions and prioritize the team’s time. It can also connect to existing data sources to generate deeper insights without requiring teams to move their data.
The webinar we recorded includes a quick demo of Cloud Pak for Security so viewers can see it in action and better understand how the platform brings together security data and workflows into a unified experience, with no data migration required.
A Worthwhile Discussion on the Value of Security Platforms
I enjoyed and learned a lot from this conversation. It was beneficial to hear Blankenship outline common security challenges based on his client interactions and share his unique perspective on solving them. I loved the connection to defragmentation as well as the numerous references he made to Star Wars and Lego sets. After hearing Blankenship’s presentation and walking through the benefits of the platform, it was easy to see how Cloud Pak for Security is a unique solution that can help address many of the challenges in today’s industry.
If you want to learn more about simplifying security with a platform approach, or if you’re just a Star Wars fan or Lego enthusiast, the full conversation is a must-listen.