What’s In the CISO Toolbox?
April 20th, 2017
Ed Snodgrass, CISO, Secure Digital Solutions
The number and type of cybersecurity tools has exploded. It’s virtually impossible for a security executive to stay current on what’s available. Because of this, rather than adopting new products, it’s common practice for companies to continue to leverage and update what’s in place or choose a large vendor that has a deep and varied set of technologies. Both approaches have benefits. But both approaches have potential pitfalls as well. Continuing to adapt current tools and controls minimizes wholesale change and leverages familiarity, but may lead to passing up something that may significantly bolster your risk mitigation strategy. On the other hand, partnering with a large portfolio vendor may provide broad functionality and smoother integration but may run the risk of having to mold your capabilities around the tool set instead of using the tool set to support and automate your capabilities. It’s not uncommon for organizations to employ upwards of 50 security tools with as much as 50% of the functionality within those tools going unused. How do you decide?
There are some good sources. Reaching out to your trusted peer network is a good start. We’re all battling the same challenges (on differing scales), and the feedback from and discussion with fellow security leaders goes a long way toward determining the enterprise viability of a particular technology that’s based on real-world experience ‘in the trenches’ versus a perfect-world pitch. Information sharing entities are beneficial as well. The various Information Sharing Analysis Centers (ISACs) provide an environment that fosters collaboration and best-practice across industries.
These (and other places) are great examples of gathering background information to help in making technology decisions but ultimately, you have to make the decisions based on what you need and what will work in your environment. And technology is only as good as the processes it enhances and the objectives it accomplishes. Get back to basics by analyzing, evaluating and improving the performance of your core processes, allowing you to determine where technology can provide the best enhancements.
We can show you where you need tools and how your resources should be applied.