For HomeFor BusinessFor Partners
Business Insights
4 min read

Forrester: Cybersecurity Requires the Right Tools, Not More Tools

Filip Truta

September 30, 2019

Forrester: Cybersecurity Requires the Right Tools, Not More Tools

The disparity of technologies that enterprises use to secure their IT infrastructures don’t provide a complete, real-time view of cybersecurity risk, a Forrester survey reveals. The research also shows the abundance of deployed tools leads to a false sense of confidence.

64% of companies are making it a high priority to implement a risk framework aligning cybersecurity risk and enterprise risk, according to the survey of 250 senior security decision-makers. Most companies use multiple technologies to identify and mitigate enterprise risk, including security analytics, vulnerability management, governance, risk, and compliance (GRC), as well as vendor risk management platforms.

“Increasing the number of security technologies doesn’t translate to improved security, however … The abundance of technology investments gives firms a false sense of confidence in their security posture,” the report says.

Almost every respondent reported challenges with existing tools, including manual reporting, an incomplete view of asset inventory and controls, and the insufficient visibility inherent to point-in-time solutions.

Asked to name the technologies used to identify and understand enterprise risk, respondents said:

  • Security and analytics platform (83%)
  • Security information and event management (SIEM) technology (80%)
  • Vulnerability management technology (70%)
  • Governance, risk and compliance (GRC) platform (64%)
  • Vendor risk management technology (61%)
  • Third party risk intelligence feeds (57%)

While companies report confidence in their security management efforts, their challenges paint a different picture.

86% are confident they have no gaps in the disparate security controls deployed across devices, applications, people and data. And 78% say they take a centralized approach to risk management across their organizations.

“If true, this means they have a common risk taxonomy across the organization, manage technologies centrally, and aggregate and share risk data across business units,” Forrester researcher wrote. “The menagerie of disjointed technologies makes it difficult to aggregate risk data for reporting, often requiring manual effort. This, in turn, hinders them from having insight into their overall risk posture.”

Researchers found gaps between the challenges companies face with cybersecurity.

“In fact, challenges companies are experiencing indicate a gap in perception versus reality,” they said.

Asked to name those challenges, respondents pointed to:

  • Controlling coverage gaps across security functions (56%)
  • Viewing a comprehensive list of assets across the organization (43%)
  • Collecting, normalizing, aggregating, deduplicating and correlating disparate data (39%)
  • Tracking which assets and controls do not meet regulatory and compliance policies (39%)
  • Determining the effectiveness of security controls (38%)
  • Getting a real-time view of corporate risks (37%)
  • Tracking performance of security controls over time (37%)

Companies are therefore increasing their risk of a data breach. The report concludes that, as technology investments provide a false sense of confidence, security leaders must understand that a strong cybersecurity posture means the right tools -- not more tools.

tags

Business Insights

Author

Filip Truta

Filip Truta

Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.

View all posts

Right now Top posts

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again
Ransomware Threat Research Threat Intelligence

ShrinkLocker (+Decryptor): From Friend to Foe, and Back Again

November 13, 2024

Bitdefender Threat Debrief | November 2024
Enterprise Security Ransomware Bitdefender Threat Debrief

Bitdefender Threat Debrief | November 2024

November 07, 2024

5 Approaches to Counter a Cybercriminal’s Growing Arsenal
Enterprise Security Threat Research

5 Approaches to Counter a Cybercriminal’s Growing Arsenal

November 06, 2024

Bitdefender Threat Debrief | October 2024
Enterprise Security Ransomware Bitdefender Threat Debrief

Bitdefender Threat Debrief | October 2024

October 10, 2024

FOLLOW US ON SOCIAL MEDIA

SUBSCRIBE TO OUR NEWSLETTER

Don’t miss out on exclusive content and exciting announcements!

You might also like

Empowering MSP Workflows: Bitdefender’s New ConnectWise PSA Integration Update
Enterprise Security Endpoint Protection & Management

Empowering MSP Workflows: Bitdefender’s New ConnectWise PSA Integration Update
Bitdefender Enterprise

November 21, 2024

Security Advisory: Adversaries Abuse Microsoft Teams and Quick Assist
Enterprise Security Endpoint Detection and Response

Security Advisory: Adversaries Abuse Microsoft Teams and Quick Assist
Jade Brown and Nikki Salas

November 20, 2024

Balancing User Experience with Security: A New Frontier for CISOs in Minimizing Business Risk Exposure
Enterprise Security Endpoint Protection & Management Endpoint Detection and Response

Balancing User Experience with Security: A New Frontier for CISOs in Minimizing Business Risk Exposure
Daniel Daraban

November 19, 2024

Bookmarks

loader