Global email and data security company Mimecast has announced the availability of Decluttering Your Security Environment, the latest eBook from the Cyber Resilience Think Tank (CR Think Tank). The eBook is designed to provide expert insight and prescriptive advice to global industry influencers on how the industry may be to blame for all this complexity in security environments, best practices to effectively reduce security risk by minimising complexity, and considerations for hiring the next generation of security professionals.
The explosion of cloud, mobile technology, social media and Internet of Things in the enterprise has led to a much larger attack surface for cybercriminals to exploit. To defend this larger attack surface, companies often acquire new technology. In fact, the average number of security tools in an enterprise is 75 according to some industry reports. Although well intentioned, this approach can be counterintuitive, as it results in too much complexity.
CR Think Tank members gathered earlier this year to discuss how the complexity of a security environment can contribute to inefficiencies and ultimately, risk. Decluttering Your Security Environment details how security environments became cluttered in the first place, how it’s directly related to the cybersecurity skills gap and what organisations can do to minimise complexity. This report offers key insights to reduce the overall risk of an organisation through simplifying IT infrastructures, helping to improve the effectiveness of their security environments. Specifically, the CR Think Tank members offer three key points for organisations preparing to declutter their IT security environment:
Know what you have, use it and connect it. As security vendors make advances to their products, companies may not be aware of new features and functionality. A key first step is to turn on all of the relevant features when assessing what products are needed.
Don’t bite off more than you can chew. Consider a plan where you take a methodical approach to see incremental improvement over a finite period. Even if the changes are minute, they can add up to a more secure, less complex environment over time.
Consider your resources. When adding new services to the security stack, ensure that it’s correct for the environment, specifically the resources and employees required to implement and manage it.
“Despite the number of tools and technologies on the market rapidly multiplying, the rate of attacks isn’t slowing down,” said Joshua Douglas, CR Think Tank member and VP of Threat Intelligence at Mimecast. “Organisations often struggle to navigate through the complexity of having multiple security tools and under-resourced IT and security teams. There’s a need for the industry to work better together to help improve organisations’ security postures.”
Discussion about this post