New research from the enterprise security firm ReliaQuest has revealed that a rapid increase in the number of security tools used by enterprises is limiting their return on investment while also increasing the risk of cyber threats.
To compile its new 2019 ReliaQuest Security Technology Sprawl Report, the firm surveyed 400 security decision makers at companies with over 1,000 employees to discover there is a “security tool tipping point” where the number of cybersecurity solutions becomes overwhelming and increases organizational risk levels.
As a result, enterprises are under utilizing their technology, wasting valuable security resources and leaving their teams overwhelmed. Security teams are also spending more time trying to manage their wide range of tools than proactively defending against threats.
Of those surveyed, almost three quarters (70%) of respondents said their organization has invested in more than five new technologies in the last year while 19 percent said they’ve invested in more than 20.
Teams are struggling to implement these new tools and 71 percent said that they are adding security technologies faster than they are adding the capacity to proactively use them. This added complexity is also compromising their threat response with 69 percent of security decision makers surveyed saying that their security team currently spends more time managing security tools than effectively defending against threats.
To make matters worse, a majority of enterprises are less secure today as a result of security tool sprawl and over half (53%) say their security team has reached a tipping point where the excessive number of security tools in place adversely impacts their organization’s security posture.
ReliaQuest’s CEO, Brian Murphy provided further insight on the report’s findings, saying:
“Cyber threats continue to rise and require companies to mitigate risk. While it’s tempting to think another piece of technology will solve the problem, it’s far from true — in fact, this survey proves more tools can worsen enterprise security by adding complexity without improving outcomes. Enterprises need to shift focus to getting more out of the investments they’ve already made while becoming more selective with new technology acquisitions and ensuring fit with their existing security models. The ultimate goal: tight integration and transparency across their entire environment.
“Ultimately, security technologies help enterprises stay a step ahead of rapidly evolving threats. Vendor sprawl and the financial and operational pains it causes are avoidable. But to ensure technologies collectively deliver greater transparency, security leaders should reassess overarching business goals, align tools to their security models and then recalibrate the process and people to achieve the best outcomes.”