More cybersecurity tools = more protection?


As strange as it sounds, a company that uses more cybersecurity tools is not necessarily better protected against threats. A cybersecurity expert gives three concrete examples of why companies should not rely only on their software to protect their IT infrastructure.

On paper, the defense-in-depth cybersecurity strategy looks better than almost any other security concept: layer by layer, a variety of cybersecurity tools and procedures are used to provide close-knit protection around the company's IT infrastructure. This approach is not new, but in practice it is becoming increasingly clear that it does not make sense, as even the best firewall, the most fine-grained DNS filter, a holistic EDR (Endpoint Detection and Response) tool, the most sophisticated cloud access security brokers (CASB) and other “best of breed” security solutions are not enough on their own. As the following three examples make clear, the human factor plays an essential role in cybersecurity.

1. The configuration chaos is difficult to control

“A lot helps a lot” is a double-edged sword in the context of cybersecurity: many cybersecurity tools only help if the appropriate specialist staff is available to implement, configure, manage and maintain them. However, this is the case in very few companies, and even where there is a large IT team, the sheer number of cybersecurity tools that companies use is far too large. Various studies confirm that, on average, organizations use more than 40 security solutions. This flood of software is rarely manageable for small and medium-sized companies, or even for corporations.

2. There is a risk of “Alert Fatigue”

Another problem with a very large number of cybersecurity tools is the constant stream of alarm messages and warnings: anyone who surfs the Internet and uses a pop-up blocker is familiar with the many warning messages, and the typical virus scanner for the operating system also flashes almost constantly, and these are tools for a single user. Scaled to a company's employees and the multitude of additional cybersecurity tools used by both end users and security teams, the number of alerts quickly increases to an unmanageable level. What then follows is what is known as “Alert Fatigue”: IT teams can hardly distinguish between critical and non-critical warnings, which creates gaps in the defense against hackers.

3. Even under the best of circumstances, security teams are overloaded

Even if the IT team has the extensive tool set and the notification settings perfectly configured, the problems do not end there. The threat situation is getting worse every year: the sheer volume of cyber attacks is increasing, and generative AI is further expanding the technological possibilities for hackers. As a result, security teams have to fight the flood of attacks far more intensively, and the important work of taking preventative measures and conducting threat intelligence often falls by the wayside.

“Companies need to understand that more cybersecurity tools do not necessarily mean more security,” warns Jochen Koehler, VP EMEA Sales at Ontinue. “No matter how safe defense in depth may look in theory, very few companies can implement this approach practically and, above all, successfully without massive personnel expenditure. You should therefore think carefully about whether it makes more sense to invest your already often tight budget in an externalization that offers you the highest level of protection and the greatest possible resilience with minimal personnel and software acquisition costs.”

More at Ontinue.com

 


About Ontinue

Ontinue, the expert in AI-powered Managed Extended Detection and Response (MXDR), is a 24/7 security partner headquartered in Zurich. To continuously protect its customers' IT environments and to assess and continuously improve their security posture, Ontinue combines AI-driven automation and human expertise with the Microsoft security product portfolio. Through the intelligent, cloud-based Nonstop SecOps platform, Ontinue's protection against cyber attacks goes far beyond the basic detection and response services.

