New IBM Research Puts a Fine Point on How Complexity Impedes Effective Cybersecurity

Amy Larsen DeCarlo – Principal Analyst, Security and Data Center Services

Summary Bullets:

• IT security teams contend with managing dozens of individual security solutions, often with less than stellar results.

• In a recent study conducted by IBM and Palo Alto Networks, 52% of the surveyed executives call out complexity as being the biggest obstacle to effective security.

Cybersecurity has never been a simple exercise. As enterprises have evolved to become distributed and virtual, the perimeter has faded, and IT has had to find new ways to protect enterprise assets. The move to hybrid and remote operations in recent years has only complicated this further. Add budget pressure and limited internal security expertise, and the pressure becomes that much more intense.

A recently published survey of 1,000 executives in 18 countries, Capturing the Cybersecurity Dividend, found that much of the struggle associated with security efforts has to do with the infrastructure itself. The research, conducted by the IBM Institute for Business Value in conjunction with Palo Alto Networks, notes that the average enterprise has 83 security products from 29 vendors. Security professionals have long complained not only about how difficult it is to manage these heterogeneous environments but also about how hard it is to correlate relevant data from these disparate sources. For these reasons, more than half of the survey participants say the convoluted nature of their security infrastructure is the biggest barrier to maintaining a solid defense.

In this case, complexity leads to inefficiency, which then translates into costs from losses in productivity and assets. The research notes that the average expense associated with security complexity is more than 5% of an enterprise’s revenue. An organization with $20 billion in revenues annually would take a more than $1 billion hit related to security events, productivity issues, and reputation damage.

Some organizations are moving away from ad hoc security architectures toward a platform-based approach that streamlines processes and accelerates threat detection. The research reports that, on average, enterprises that have deployed a security platform detect an incident 72 days sooner than those running a more piecemeal security infrastructure. Platformed enterprises contain an incident 84 days sooner than those with a hodgepodge of security solutions.

Vendors and service providers are also beginning to incorporate and improve upon AI technology in security solutions. Machine learning (ML) has been used for years in threat detection to discern real threats from harmless anomalies. Anecdotally, security professionals report a marked improvement in accuracy and speed of their threat detection solutions over the last several years. Security providers are now using AI in other areas such as identity and access management. Capabilities such as natural language processing and sentiment analysis make AI a promising element for enterprise risk management.

While AI is emerging as an important tool in security, it is clear that organizations, which are struggling to manage their current security, need to take a step. Enterprises should evaluate on a regular basis the efficacy of their security technology, processes, policies, and practices. All organizations need a path forward to optimize the resources they have and shed the solutions that aren’t delivering value.
