January 27, 2021 By Gavin Kenny 3 min read

Pen, paper and ink alone do not make a novel. In the same way, anti-malware, firewalls and SIEM tools alone do not make an enterprise secure. Too many organizations think that buying lots of security solutions and deploying them will make them secure. However, just having a security tool running does not make an enterprise secure. Let’s take a look beyond tools to the way security teams can take a more holistic approach. 

Why Enterprise Security Tools Aren’t Enough

Having some kind of digital defense is better than having nothing, and most security solution providers have some very sensible vanilla set-up solutions. However, these security systems are nothing more than tools, usually focused only on a narrow segment of the risks an enterprise faces.

Those tools can’t work alone. Their makers do know this: over the years most of them have become very good at producing data feeds that can be fed into SIEM and other tools in an attempt to weld different views together to spot more subtle forms of attack.

Even this approach is incorrect. For example, I have circuit breakers in my house to protect my family from an electrical fault; however, if I ignore a frayed or worn-out cable, there’s still a high risk of damage. I cannot just assume the safety measures will protect me from all ills. In the world of enterprise security, using software that is past its end-of-life date and no longer capable of being patched generates huge risks for the business.

Plot and Characters: How to Train Beyond Tools

When writing a novel, one of the most important aspects is to know who your characters are and what they want. In cybersecurity, the equivalent is making sure your people can do their jobs. Teams can be lulled into the false idea that the answer to every risk is another tool. With more and more security tools hitting the market every week, it is easy to think that way. While you do need some tooling, a sound defensive strategy aligned to meet the overall needs of the business is more important.

In addition, teach the security operations team to be curious and thorough. Measure them not on the number of tickets they process every day but on how well they answer the questions of who, what, when, how and why.

5 Security Tools You Do Need

To answer those questions well, the same cybersecurity assessment tools we needed 20 years ago are still just as important. Don’t forget: 

  1. Up-to-date asset database — including patch levels
  2. Data discovery — to know what and where your critical data is
  3. Network visibility — to know who and what are on your systems
  4. Identity governance — with as much automation as possible
  5. Access management — even more important in these days of zero trust architecture

Some organizations still don’t know where their critical data is or what data is critical. With the cloud making it easier for anyone to spin up new infrastructure, this problem is only going to get worse.

Bringing Enterprise Cybersecurity Together 

So, what is to be done? Remember, enterprise security is not about deploying and maintaining tools. It is about knowing how your business runs, what data and apps are vital for it to add value to its customers, fostering a strong risk management strategy to protect those assets and using the tools you have to see what is going on.

Having a pen and paper on your desk will not produce a blockbuster novel by itself. Likewise, having a handful of security tools, even those considered market leaders, will not make your enterprise secure. Armed with the knowledge of your critical data and systems and a security strategy, you have what you need to protect what matters.

More from Security Services

39% of MSPs report major setbacks when adapting to advanced security technologies

4 min read - SOPHOS, a leading global provider of managed security solutions, has recently released its annual MSP Perspectives report for 2024. This most recent report provides insights from 350 different managed service providers (MSPs) across the United States, United Kingdom, Germany and Australia on modern cybersecurity tools solutions. It also documents newly discovered risks and challenges in the industry.Among the many findings of this most recent report, one of the most concerning trends is the difficulties MSPs face when adapting their service…

A decade of global cyberattacks, and where they left us

5 min read - The cyberattack landscape has seen monumental shifts and enormous growth in the past decade or so.I spoke to Michelle Alvarez, X-Force Strategic Threat Analysis Manager at IBM, who told me that the most visible change in cybersecurity can be summed up in one word: scale. A decade ago, “'mega-breaches' were relatively rare, but now feel like an everyday occurrence.”A summary of the past decade in global cyberattacksThe cybersecurity landscape has been impacted by major world events, especially in recent years.…

How a new wave of deepfake-driven cyber crime targets businesses

5 min read - As deepfake attacks on businesses dominate news headlines, detection experts are gathering valuable insights into how these attacks came into being and the vulnerabilities they exploit. Between 2023 and 2024, frequent phishing and social engineering campaigns led to account hijacking and theft of assets and data, identity theft, and reputational damage to businesses across industries. Call centers of major banks and financial institutions are now overwhelmed by an onslaught of deepfake calls using voice cloning technology in efforts to break…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today