Cybersecurity practitioners are growing increasingly overwhelmed managing tools from multiple vendors, according to new research from Kaspersky.
A recent study from the security firm found nearly three-quarters (74%) of companies in the UK rely on “multi-vendor ecosystems” – a trend which is putting them at increased risk and burning out staff.
Indeed, over one-third (36%) of UK cyber workers said their security stacks are “overly complex and time-consuming” to maintain, which in turn is hampering their ability to respond to emerging threats.
Maintaining disparate tools has a knock-on effect across the cybersecurity segment at most businesses, the study noted. Compatibility issues were highlighted as a key challenge, for example, with 43% of respondents indicating they cannot keep a handle on security processes because of a lack of cross-platform integration.
This, the study warned, often leads to manual interventions and increases the chances of human error or blind spots, leaving the business open to breaches.
Similarly, 36% said they struggle with “inconsistent threat visibility” due to the growing array of tools and solutions. As data is collected from various vendors, Kaspersky noted this also creates blind spots and reduces “overall situational awareness”
Ilya Markelov, head of unified platform product line at Kaspersky, said enterprises often rely on multiple vendors “by default, rather than through deliberate strategic planning”.
“While diversification of security solutions can offer certain benefits, such as risk mitigation and coverage breadth, an unchecked increase in complexity often leads to significant resource drain and operational inefficiencies,” Markelov said.
“Moreover, this complexity can create critical blind spots, making it harder to maintain comprehensive threat visibility and respond effectively to emerging risks.”
Tool sprawl is still plaguing cybersecurity teams
The study from Kaspersky is the latest in a string of warnings over tool sprawl in recent years. It’s not just an issue restricted to cybersecurity teams, however, with workers in other professions, such as software development, contending with the problem.
Analysis from Red Canary in October 2024 showed tool sprawl was a key challenge facing software development teams. The study came just weeks after separate research from IDC which examined the mental strain placed on teams as a result of tool sprawl, known as ‘context switching’.
Context switching refers to the process of moving from one environment or solutions stack to another in an employee’s daily workflow. Over two-thirds (70%) of respondents told IDC that switching between different tools reduced their efficiency.
Speaking at the time, Katie Norton, research manager for DevSecOps and software supply chain security at IDC, said context switching not only wastes an employee’s time, but also inflates costs.
Costs were another key issue highlighted by Kaspersky in its recent report, with the security firm warning 36% of UK businesses experience “budget overruns” due to overlapping solutions.
“These redundancies not only inflate costs but also complicate resource allocation and strategic planning,” the company said.
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
-
Microsoft’s plan to reduce emissions by burying poop stinks of greenwashingOpinion Hyperscalers are scrambling to take on green deals in a move to overshadow spiralling emissions
-
Only Europeans will run AWS' European Sovereign CloudNews The firm wants to reassure customers that sovereign really does mean sovereign
-
AI breaches aren’t just a scare story any more – they’re happening in real lifeNews IBM research shows proper AI access controls are leading to costly data leaks
-
75% of UK business leaders are willing to risk criminal penalties to pay ransomsNews A ransom payment ban is a great idea - until you're the one being targeted...
-
Bitdefender targets security gaps with new Cybersecurity Advisory ServicesNews The security vendor has launched a range of new services that include advisory retainers and strategic security guidance
-
‘Polyworking’ is a cybersecurity nightmare waiting to happenNews Particularly popular with Gen Z, so-called polyworking brings huge cybersecurity risks
-
Hackers accessed more data than thought in Legal Aid Agency cyber attackNews Anybody who's applied for legal aid funding since 2007 could have had their personal data stolen
-
Nearly half of enterprises aren't prepared for quantum cybersecurity threatsNews Most businesses haven't even started transitioning to post-quantum cryptography, research shows
-
The Scattered Spider ransomware group is infiltrating Slack and Microsoft Teams to target vulnerable employeesNews The group is using new ransomware variants and new social engineering techniques - including sneaking into corporate teleconferences
-
UK cybersecurity workers are overworked, overwhelmed, and burning out faster than global counterparts — here's whyNews Gaps in visibility, poor board communication, and a lack of cyber maturity are leading to high levels of burnout
