Tool Overabundance in Cyber Security

Posted by mctracy On September 7, 2022

Cyber security funding could be wasted by acquiring an unnecessary amount of cyber security tools, causing an overabundance of tools in the field.

“With more threats sending the risk level higher, companies are responding with higher budgets to combat cyberthreats. Gartner just released research indicating that spending on information security and risk management will grow 12.2% in 2022, and by 2026, spending will undergo a compound annual growth rate of 11.0%. Even as companies throw more money toward their cybersecurity budgets, businesses aren’t getting the value they expect from their investments. It’s the cybersecurity professionals themselves who claim their companies are wasting money.” (Forbes).

A majority of respondents believe overabundance of tools rather than under-abundance is the problem facing the cyber security industry.

“Forty-three percent of survey respondents say their number one challenge in threat detection and remediation is an overabundance of tools, while 10% of organizations lack effective tools for remediating cybersecurity threats.” (Forbes).

This shows a problem in distribution of funds in the cyber security field.

“While quick threat detection is critical, it’s not the end game. Threats must be mitigated or neutralized to prevent or minimize harm to the organization. One-third of the security professionals have spent hundreds of thousands of dollars attempting to remediate threats. Fifteen percent spent millions on this effort. This shows that organizations persistently pursue threat investigations to detect and stop malicious actors. But sadly, a good number of the solutions they’re using don’t deliver the expected results—not delivering as advertised.” (Forbes).

There are a number of open source tools available to help lesson costs of cyber security tools.

“Open source is a double-edged sword for information security. On the one hand, security professionals rely on countless open source security software tools, frameworks, and data and intelligence sharing platforms to carry out their work. On the other hand, attackers have access to the same tools. In addition, open source software, both in security operations and elsewhere in the data center, can itself pose security risks.” (Data Center Knowledge).

Lists of these open source tools are available on the internet for anyone to view.

“Vulcan Cyber publishes its own list of open source tools for cyber risk assessment and mitigation. Security testing firm Bishop Fox also has another list of open-source tools, this one specifically around ransomware, with pros and cons of each tool.” (Data Center Knowledge).

Tools are helpful, but too many tools can prove to be trying for a cyber security team.

“No single cybersecurity tool or platform is ever going to address all needs. Tools are highly specialized for a reason. What companies need to do, however, is move toward convergence of the critical data from the disparate tools into a single source. Here the threat indicator data can be contextualized, analyzed and correlated using machine learning and artificial intelligence tools and, ultimately, prioritized according to risk. This will reduce the number of dashboards and alerts that security analysts need to follow and direct them to the most important threats that must be addressed first.” (Forbes).

Have any questions about cyber-security? Responsive Technology Partners is the leading cyber-security expert in the Athens, Metter, Milledgeville, Vidalia, and Atlanta, Georgia areas. We also have locations in Tampa, Florida, Roanoke, Virginia, and Raleigh South Carolina. Service offerings include I.T. support, cyber-security and compliance, telephony, cloud services, cabling, access control, and camera systems. Our company’s mission is to provide world-class customer service through industry leading I.T. solutions that make every customer feel as if they are our only customer. Please visit our website to learn more: https://www.responsivetechnologypartners.com/.