Got cybersecurity tools? Good. Got too many? That may be a problem

In trying to fend off destructive cyberattacks, too much of a good thing may leave you open to bad things. A new survey from IBM Security found that organizations that rely on “an overabundance” of cybersecurity tools may be hindering their ability to respond to attacks.

The survey, included in IBM Security’s 2020 Cyber Resilient Organization Report, found that companies were using, on average, 45 different cybersecurity tools. But organizations using 50 or more security tools ranked themselves 8 percent lower in being able to detect an attack and 7 percent lower in their ability to respond to an attack compared with companies using fewer than 50 tools. The organizations responding to the survey said each security incident needed the coordination of 19 separate cybersecurity tools, on average. More than 3,400 IT pros from around the world responded to the survey.

One possible solution for having too many disjointed cybersecurity tools is automation because it can take the guesswork out of deciding which tool to use to find and stop attacks. “The use of open, interoperable platforms as well as automation technologies can help reduce the complexity of responding across disconnected tools,” IBM Security said.

No plans at all

There were also some troubling results regarding how well-prepared organizations are to find or mitigate cyberattacks. According to the survey, 74 percent of organizations reported that their cybersecurity defense plans “are either ad-hoc, applied inconsistently, or that they have no plans at all.” IBM Security notes that not being adequately prepared can lead to considerable costs to recover from an attack. The survey found that organizations that have incident response teams and extensively test their incident response plans “spend an average of $1.2 million less on data breaches” than companies that don’t have these cybersecurity defenses in place.

The survey also found that businesses “have slowly improved in their ability to plan for, detect, and respond to cyberattacks.” Still, their ability to contain a successful attack has fallen by 13 percent.

Raising the stakes: Remote work and ineffective cybersecurity tools

And things may get even worse. As remote work grows in popularity because of the COVID-19 pandemic, new attack vectors are created and exploited by cybercriminals. The 2020 Cyber Resilient Organization Report noted that “businesses may be relying on outdated response plans” or  ineffective cybersecurity tools that “don’t reflect the current threat and business landscape.”

But there were some positive takeaways. Only 39 percent of companies that had a cybersecurity incident response plan in place suffered an attack that caused a “significant disruption” to the business. Conversely, 62 percent of companies without a cybersecurity incident response plan experienced major disruptions after a cyberattack.

Featured image: Shutterstock

Peter King

Peter King has been Managing Editor at TechGenix since July 2016. As a technology editor, reporter, and columnist, he has worked at some of the biggest U.S. newspapers, where he directed coverage of breaking news stories and steered award-winning projects from conception to publication.

Share
Published by
Peter King

Recent Posts

The new brain drain: What if WFH tech employees don’t come back?

Offices are reopening, but after months of a work-from-home routine, many employees may not want…

9 hours ago

Amazon Fraud Detector generally available

Online payment frauds are a threat to any company doing business on the Web. Amazon…

12 hours ago

Identity and access management sector buzzes with new funding, partnerships, solutions

Because no organization wants to end up in the headlines for a data breach, there…

15 hours ago

Remove virtual machines and virtual hard disks completely with PowerShell

Deleting virtual machines is easy, but if you don’t also remove virtual hard disks, you…

1 day ago

Secure your WordPress website: Simple steps to stay safe

Many small businesses use WordPress to build their website. And while WordPress has many options…

2 days ago

Qumulo raises $125M for cloud data management across a hybrid setup

Qumulo is an up-and-coming data management solution focusing on managing files in a hybrid setup.…

4 days ago