Pen, paper and ink alone do not make a novel. In the same way, anti-malware, firewalls and SIEM tools alone do not make an enterprise secure. Too many organizations think that buying lots of security solutions and deploying them will make them secure. However, just having a security tool running does not make an enterprise secure. Let’s take a look beyond tools to the way security teams can take a more holistic approach. 

Why Enterprise Security Tools Aren’t Enough

Having some kind of digital defense is better than having nothing, and most security solution providers have some very sensible vanilla set-up solutions. However, these security systems are nothing more than tools, usually focused only on a narrow segment of the risks an enterprise faces.

Those tools can’t work alone. Their makers do know this: over the years most of them have become very good at producing data feeds that can be fed into SIEM and other tools in an attempt to weld different views together to spot more subtle forms of attack.

Even this approach falls short. For example, I have circuit breakers in my house to protect my family from an electrical fault; however, if I ignore a frayed or worn-out cable, there’s still a high risk of damage. I cannot just assume the safety measures will protect me from all ills. In the world of enterprise security, using software that is past its end-of-life date and no longer capable of being patched generates huge risks for the business.

Plot and Characters: How to Train Beyond Tools

When writing a novel, one of the most important aspects is to know who your characters are and what they want. In cybersecurity, the equivalent is making sure your people can do their jobs. Teams can be lulled into the false idea that the answer to every risk is another tool. With more and more security tools hitting the market every week, it is easy to think that way. While you do need some tooling, a sound defensive strategy aligned to meet the overall needs of the business is more important.

In addition, teach the security operations team to be curious and thorough. Measure them not on the number of tickets they process every day but on how well they answer the questions of who, what, when, how and why.

5 Security Tools You Do Need

To answer those questions well, the same cybersecurity assessment tools we needed 20 years ago are still just as important. Don’t forget: 

  1. Up-to-date asset database — including patch levels
  2. Data discovery — to know what and where your critical data is
  3. Network visibility — to know who and what are on your systems
  4. Identity governance — with as much automation as possible
  5. Access management — even more important in these days of zero trust architecture

Some organizations still don’t know where their critical data is or what data is critical. With the cloud making it easier for anyone to spin up new infrastructure, this problem is only going to get worse.

Bringing Enterprise Cybersecurity Together 

So, what is to be done? Remember, enterprise security is not about deploying and maintaining tools. It is about knowing how your business runs and what data and apps are vital for it to add value to its customers, fostering a strong risk management strategy to protect those assets, and using the tools you have to see what is going on.

Having a pen and paper on your desk will not produce a blockbuster novel by itself. Likewise, having a handful of security tools, even those considered market leaders, will not make your enterprise secure. Armed with the knowledge of your critical data and systems and a security strategy, you have what you need to protect what matters.
