Maximizing ROI from Existing Security Tools

The above infographic displays, with the help of magnifying glass, just how crowded and blurry the cybersecurity market is, yet, we are arguably less secure than ever.

These tools tend to accumulate from tactical purchases and often only solve part of the problem and/or overlap with existing tools. For many enterprises that have built up significant portfolios the first step to better “security health” is a security rationalization process where ROI is calculated.

If your organization has purchased several tools over the course of its lifetime, the practice is a great way to spot redundancies and “de-dup”. For those who have postponed major purchases, the rationalization process will highlight gaps or where there have been under-investments. Put simply, the best rationalization projects enhance new and more customer-centric ways of delivering services by seamlessly integrating security into application delivery processes — even as demand grows exponentially.

The key steps to security rationalization include:

Defining the desired end-state goal and working backwards to accomplish it. The same goal-defining concept should be applied to an overall resiliency plan in order to shore up business strategy. While this goal may vary slightly, a solid security rationalization exercise should enable you to answer the question: How secure are we?

It may make sense to gain buy-in from the C-Suite and Board by drafting a charter with a mandate defining and driving the project. The project should be scoped, allocated resources and budget, and governance systems should be put in place to maintain control and integrity. It’s equally important to understand how secure the entire enterprise is, as well as how secure individual systems are — all the way down to the source code level (i.e. GitHub Repositories).

Understand your security posture; Companies undertaking security rationalization typically fall into 4 buckets: those that have either over-invested, under-invested, don’t know the extent of their security capabilities, or are faced with new regulations that require them to demonstrate compliance and maintain it continuously.

Inventory

The next step is to take inventory of your existing portfolio of security tools and services. This should involve more than simply looking at software, it should take into account people and their skills, processes and systems. This overall assessment will help expose any gaps in coverage that exist as well as any technology overlap.

Classify

Next, classify everything into multiple tiers based on needs and data sensitivity. Tier 1 may need a system of tools that Tier 2 does not require. There may be an additional Tier that doesn’t fall into any category and requires its own subset of tools or protection.

Map Back To Desired Business Outcome

Once you’ve identified the gaps in your security protection compare it to the initial goals and objectives. There may be a mission-critical processing system that is not getting enough attention with current systems so you’re not able to scan-certify them when rolling in patches.

Make It Right

Chances are good you’ll find something amiss, lacking or broken in some fashion. The options moving forward include fixing the problem in-house, hiring professional services that can contract out the problem(s) for you, or investing in emerging tech such as security virtualization to fill any holes as a service.

If you find that you don’t have tools, have too many or don’t know enough you may want a solution that helps you automate or integrate it all. Especially if you don’t have the time, money or personnel to find and fix vulnerabilities quickly across your environments. The cleanup can include replacing, retiring, modernizing or consolidating applications.

At Cybric we’re building the fabric that will connect and layer over existing and future point tools. We’re excited about a future with fewer solutions competing for the same purpose and offering everything in a single pane of glass.