Security solutions that protect mid-market organisations do not always offer the holistic protection needed to defeat modern threats.
When it comes to cyber security, complexity can be the enemy of safety. To protect themselves against the myriad threats of today, mid-market companies often rely on dozens of security tools and platforms. These products may work well alone, yet when operating together they hinder security efforts, with one of the main failures being the lack of intelligence-sharing capabilities between services. Without the ability to distribute intel in real-time, defenders are put at a competitive disadvantage against cyber criminals.
IBM’s most recent Cyber Resilient Organisation Report revealed that the average company uses 45 cyber security products and found that “response efforts were hindered by the use of too many security tools”. “The number of security tools that an organisation was using had a negative impact across multiple categories of the threat lifecycle amongst those surveyed,” IBM wrote. “Organisations using 50+ security tools ranked themselves 8% lower in their ability to detect, and 7% lower in their ability to respond to an attack than those respondents with fewer tools.”
A tendency for ‘coopetition’, rather than collaboration
Security teams are already time-pressed and overloaded with ‘fake news’ – false alerts which fill up their working hours with wasted effort. If the point security products cannot talk to each other and share threat intel effectively, they are effectively fighting with one hand tied behind their backs.
Organisations using 50+ security tools ranked themselves 8% lower in their ability to detect, and 7% lower in their ability to respond to an attack than those respondents with fewer tools
Vendors have started to build cyber intelligence sharing mechanisms into their products, but a tendency towards “coopetition” rather than full cooperation means they often compete as much as they collaborate. For businesses, this means that attack intelligence picked up by a cloud security solution may not be automatically shared with a separate product from another vendor that is protecting cloud, web and email. This failure of communication is not just a nuisance, but a security risk. If security services can’t talk to each other, they can’t work together properly.
When one door closes, another is pushed open
Hackers don’t just give up when they see that one door is closed. Instead, they regroup and seek other ways of getting past defences. Today, we’re seeing more and more cross-channel attacks that highlight the risk of failing to use cyber security protection that shares intelligence effectively across multiple entry points.
Roughly 90% of breaches start with a phishing email. Falling victim, and handing over the credentials that allow hackers to mount an attack, is more common than you might think. Installing a modern, multi-layered email security system is the obvious response to this threat, offering a defence against phishing, malware, targeted attacks, and CEO fraud.
Roughly 90% of breaches start with a phishing email
Yet cross-channel attacks can easily bypass these protections by drawing victims out of the protection of email security and into dangerous territory on the web or in the cloud. Cross-channel attacks don’t end in the inbox, but instead, tempt people away from the protection of email security systems and onto malicious apps or websites. If the various services that make up an organisation’s digital defences cannot communicate properly, what chance do they have of defeating an attack that uses more than one channel?
The Power of a Platform
The IBM Cyber Resilient Organisation Report hints at a solution to the intelligence-sharing problem when it says: “The use of open, interoperable platforms as well as automation technologies can help reduce the complexity of responding across disconnected tools.”
Security platforms incorporating many different products and services are one way of tackling the threat intelligence deficit, offering control and confidence across channels. Platforms use just one interface, which allows organisations to gain holistic visibility of their defences. They should start by protecting their biggest attack surface – web, cloud, and email.
Automation is a bare minimum requirement of platforms, which should distribute intel without relying on manual work from a human. Today’s security platforms should also be autonomous: they need to be smart enough to tackle new, emerging threats, rather than just performing rote automated tasks.
Mid-market businesses have laboured for too long under the burden of point products that cannot communicate with each other. Autonomous integrated security platforms are finally lifting this weight and allowing the flow of information that’s needed to protect against modern threats.
Please let us know if you'd like to receive more information about this topic and one of our specialists will be in touch.
More in Cloud Security
Thousands of policies to consider, while only a few are enforced.
How the cloud has become an extension of your attack surface, and how to secure it.
Expert insights from Barracuda’s security frontline.
Why incremental cyber security fixes don’t work.
Efficiently empower defenders and disarm intruders.
How to create a truly agile and secure M365 environment.
Simplify management of your users' devices.
IDC research paper into the business case.
Best-in-class devices. Zero touch provisioning.
Three ways Microsoft Surface is an ideal platform for retail digital transformation.
How Surface helps retailers navigate it.
What makes digital solutions the perfect option.
Share this story