CISOs Struggling With 50+ Separate Security Tools

Written by

Organizations are struggling to gain real-time visibility into their security technologies and suffering from an excessive number of tools running across the enterprise, according to new research from Panaseer.

The security monitoring firm polled 200 enterprise CISOs to better understand their key strategic challenges, as part of its first Security Leader’s Peer Report.

It revealed that 87% are struggling to gain any meaningful insight into trusted data, while a sizeable minority (31%) are concerned this may impact their ability to comply with key regulations.

Complex, siloed IT systems are compounding these challenges, the report found.

On average, responding organizations are running 57 separate security tools. Over a quarter (27%) claimed to be running a staggering 76+ discrete security products.

These aren’t necessarily making the organization any safer – in fact, they may be working to do the opposite. Over 70% of respondents admitted that they don’t even evaluate their security tools based on how effectively they reduce cyber risk.

The result is that enterprises are often flying blind when it comes to security, with security teams forced to spend much of their valuable time producing reports manually. This was cited by over a third (36%) of respondents.

The administrative burden of formatting and presenting data, working with spreadsheets and compiling data for regulators and the board is an overhead that stretched security teams can ill afford, according to Panaser CTO Charaka Goonatilake.

Instead of deploying scarce cyber-experts to improve security in the business, they’re wasting their talents on manually constructing reports in an attempt to provide visibility into security posture,” he told Infosecurity.

He argued that automation is an opportunity to accelerate decision making, reduce error and enhance visibility.

Automating the end-to-end process of creating a complete, accurate and up-to-date view of an organization's security posture on a daily basis requires collection, cleansing and analysis of data from dozens of sources followed by formatting and presenting the generated insights,” Goonatilake added. 

“Manual reports are so prone to error, as they can only give a single snapshot in time and are then out of date almost immediately.”

What’s hot on Infosecurity Magazine?