Beating Vendor Fatigue: Considerations for Choosing the Right Cybersecurity Provider

Posted on February 12, 2019

Organizations often perceive cybersecurity as a necessary evil. They know that it’s critical to protect business assets but it’s seldom seen as a driver that helps move the business forward. It’s a checkbox, a requirement that is begrudgingly addressed to reduce risk and remain in compliance.

There are massive amounts of dollars and people-hours that go into securing IT infrastructure, from the core of a data center to the most remote endpoint. Dollars are spent on tools, security operations, and employee salaries. In 2018, Global IT Security spending hit $114B according to Gartner, and is estimated to grow to $124B in 2019. This adds considerable overhead; thus, it is understandable why security is often viewed as a drag on the business.

So how should a company choose which provider will give a real sense of safety against cyber threats?

The first rule of cybersecurity selection – the vendor must do no harm

When evaluating cybersecurity solutions, organizations should seek to do no harm to their business. From an end user perspective, several questions must be asked about the technology:

  1. Will it increase user friction?
  2. Will it be harder to access key resources?
  3. If implemented, will the workforce come running after IT with pitchforks and torches?

From an infrastructure perspective:

  1. Will it increase operational overhead?
  2. Will the IT environment become more complex?
  3. Does the solution introduce more false positives?
  4. Does it require more human resources to operate the solution?

There will always be some level of complexity and operational impact with any approach, but increased end user friction and unnecessary constraints on IT can be avoided. Secure biometric authentication and seamless VPN connectivity on modern mobile devices have proven this is possible. Additionally, leveraging AI to take the guesswork out of identifying malicious behavior in an IT environment is here today. These are just two examples, and many more are emerging at a rapid pace.

Get someone else to paint your “security” fence

While the ultimate responsibility to provide a secure IT environment falls on the shoulders of the IT staff, perhaps it’s time to demand more of your vendors. Security practitioners spend inordinate amounts of time pressing their vendors for more secure solutions: driving them to deliver patches more quickly, integrate with a specific SIEM platform, implement more secure encryption protocols, provide more granular control of resources… oh, and by the way, on a single pane of glass for ease of management. Instead, how about a cybersecurity tool that avoids additional operational overhead and reduces complexity? Perhaps a solution that protects itself with zero human intervention?

 

How many analysts does it take to use an automated security solution?

Cybersecurity professionals are in demand, but is it always for the right reasons? There’s some amazing technology being incubated, but much of it requires boots on the ground to implement and maintain. Early on, the industry erred too heavily to the side of prevention at the sacrifice of end user experience and business agility. We locked everything down, applied heavy encryption, added multiple layers of authentication and blocked access to anything non-essential. It didn’t require a ton of human capital to implement and run, but it did lead to shadow IT which ultimately opened the door to new attacks.

To reel things back in, we’ve pivoted to a detect and react cybersecurity posture. This has led to an explosion in AI-based malware detection solutions. (Conversely, according to McAfee, it’s also led to an increased use of AI within the hacker community.) So, what’s the downside? Businesses are being forced to hire more cybersecurity practitioners to deal with the onslaught of tools, the multiple panes of glass, the ever-growing list of processes and procedures to manage this “high awareness-highly reactive” security posture. They’re now screaming, “Don’t give me another monitoring tool, give me a solution!”

Taming the runaway cybersecurity solutions train

Ask any CIO or CISO about solution fatigue in the cybersecurity space and you’ll get an earful. Through November of 2018, 383 new cybersecurity firms secured investment funding, and 172 firms were acquired or merged. Consolidation is happening, but it’s far outpaced by solution provider growth. Customers are finally saying enough is enough, just bring me a solution that stops the bad guys and doesn’t make my life more complex. They have shareholders and board members expecting them to leverage security to drive the business forward, not hold it back. They’re telling their IT vendors to deliver a more secure product, but don’t make me spend my scarce resources securing it. Luckily, some of the innovation we’re seeing in cybersecurity delivers on that request.

It’s one thing to tell your IT vendors to improve their security, but it gets really exciting when they’re able to deliver improved security with minimal effort. This is beginning and it’s being driven by cutting-edge cyber hardening technology based on Runtime Application Self-Protection (RASP) and Moving Target Defense (MTD) techniques that infuse native protections in software itself.

Imagine server firmware…or automotive control board firmware… or virtual machine code that’s hardened against an entire class of cyberattacks. The code can literally protect itself and thwart the attempted attack. No software agents, no monitoring tools, no additional overhead, just good old hardened code impervious to common attack methods.

When cyberattacks occur, they wreak havoc on an organization. Productivity and damage to the brand have an impact on revenue. According to a recent survey by Radware, 78% of respondents said attacks caused either significant service degradation or a complete outage. The hit to productivity was the most damaging element of an attack.

This has been one of the key drivers prompting organizations to harden their software based on RASP and MTD technology. These solutions generally require minimal effort to integrate, which is great for the security vendor. For their customers, it’s great because the protections are native, built into the software. No additional overhead on an already taxed security operations team.

 

It’s a classic win-win scenario

Both the security vendor and their customers benefit because RASP & MTD are lightweight integrations which deliver massive improvements in security with minimal impact to operational overhead. This allows the vendor to spend more time enhancing the overall capabilities of their solution, while their customers put more resources into broader strategic initiatives. Organizations on both sides of the equation can move with agility and focus on areas that drive the business forward. Happily, end users are unencumbered, IT departments can focus on advancing initiatives, and company executives can sleep well at night!

To learn more about RunSafe Security and our approach to RASP and MTD, click here https://runsafesecurity.com/how-it-works/.