As enterprises expand their IT estates to drive efficiencies and offer new services, so does their attack surface, increasing their exposure to cyber threats.
In response to new threats, a flood of cyber products have hit the market in recent years to mitigate specific vulnerabilities, all which promise to bolster operational security.
But CISOs are concerned about the level of complexity that comes with a sprawling, ever-expanding security ecosystem, with practitioners now forced to manage a long list of disparate tools.
This was a key issue discussed during Check Point Software’s Cyber Leader Summit, held in London on 21 May 2024, where leading industry experts offered their thoughts on how the security leaders can navigate today’s threat landscape.
The answer, according to cyber security leaders, is to focus less on a reactive approach to new attack vectors as and when your business is targeted and instead adopt a more holistic approach to managing your organization’s security.
Speaking to ITPro, Deryck Mitchelson, head of global CISO and C-suite advisor at Check Point, said businesses have previously been bogged down by a tactical approach to mitigating threats that has prevented them from fleshing out a more holistic security strategy.
“They’re reacting, that’s what the problem is, if they don’t step back and look at a full security program, strategically as to how that affects the business, all they’re going to do is they’re going to react to some of these small tactical problems’,” he explained.
“The problem could be a vulnerability in some of their remote access or network layer, so they upgrade and replace the firewalls. But if they’re doing that in isolation from understanding the business email compromise or phishing risk, or without looking at the risk around their endpoint or their cloud posture management, then they’re missing something.
“They’re going to have lots of different dashboards, complexity to manage and that’s going to be their weakness.”
This where a platform security approach is key, according to Mitchelson, who argued that security teams struggling to manage an ever-complex security portfolio should be focused on simplifying this web of tools using a unified security platform.
A security platform is a centralized solution that consolidates the security products across a corporate network. A security platform should provide more than just threat detection and prevention, but also offer users identity and access controls, vulnerability management, and detailed reporting for audits and compliance checks, all through a single ‘pane of glass’.
Platform security could help redress growing cyber inequality
Another area of concern for Mitchelson is cyber inequality, reflecting a significant disparity in cyber budgets across regions, industries, and business sizes.
For example, in a blog published on 20 February 2024, Mitchelson noted that large enterprises may be able to allocate 12-15% of its budget on security whereas the average healthcare organization can only commit 4-7%.
In addition, 20% of schools can only afford to allocate 1% or less of their total spend on cyber security, according to data from the MS-IASC.
Organizations such as these typically need to spend 15% or more of their budget to protect against a growing array of threats, but this is simply not a viable option given budgetary restraints.
Discover how successful product development teams collaborate
The efficiencies security platforms can offer could help solve some of these limitations for organizations without the budgets or staff to implement a holistic security strategy from the ground up, Mitchelson detailed.
“A platform approach is something that can help to resolve that cyber inequality issue we’ve got, because it's very cost effective to get a huge level of cyber capability and efficiency without having to be an expert in lots and lots of different technologies.”
Mitchelson said that while a platform approach is an easy choice for larger enterprises with vast IT estates to manage, smaller businesses may have even more to gain from adopting this approach if it means they can overcome the barriers posed by cyber inequality.
“It’s a no-brainer for an enterprise. They want to try and do things the right way, protect that large business, they don’t have that technical capability in smaller businesses and the platform actually takes the complexity out of that”, he explained.
“The goal should still be to simplify, to get much more visibility, to be much more cost effective – and you get that, as Gartner says, through a platform approach”
One platform to rule them all?
When asked how businesses should decide which vendor to invest in, Maxine Holt, senior director of Research and Content at Omdia, told ITPro she does not expect organizations to rely on a sole single-vendor platform to manage their entire security posture.
“You can’t have one platform that does everything. Whether it’s Check Point, Microsoft, or Palo Alto, they don’t do everything that’s needed in the security portfolio, so you’re going to need multiple platforms.”
Holt explained that although businesses will need to manage a handful of separate security platforms, this will be vastly superior to juggling 50+ different isolated security tools.
“You will end up with typically multiple security platforms to be able to drive down that complexity and that’s better than 50 disparate products.”
In terms of how businesses should choose the right platform for them, Holt said that not all platforms are equal, and the best will be those that can offer true integration, ensuring all of their products feed their insights back through one management interface.
“A lot of security firms are quite acquisitive and the good platforms are the ones that take the time to integrate that new product that they’ve acquired into their portfolio … so that the outputs are all surfaced through one pane of glass.”
