In trying to fend off destructive cyberattacks, too much of a good thing may leave you open to bad things. A new survey from IBM Security found that organizations that rely on “an overabundance” of cybersecurity tools may be hindering their ability to respond to attacks.
The survey, included in IBM Security’s 2020 Cyber Resilient Organization Report, found that companies were using, on average, 45 different cybersecurity tools. But organizations using 50 or more security tools ranked themselves 8 percent lower in being able to detect an attack and 7 percent lower in their ability to respond to an attack compared with companies using fewer than 50 tools. The organizations responding to the survey said each security incident needed the coordination of 19 separate cybersecurity tools, on average. More than 3,400 IT pros from around the world responded to the survey.
One possible solution for having too many disjointed cybersecurity tools is automation because it can take the guesswork out of deciding which tool to use to find and stop attacks. “The use of open, interoperable platforms as well as automation technologies can help reduce the complexity of responding across disconnected tools,” IBM Security said.
No plans at all
There were also some troubling results regarding how well-prepared organizations are to find or mitigate cyberattacks. According to the survey, 74 percent of organizations reported that their cybersecurity defense plans “are either ad-hoc, applied inconsistently, or that they have no plans at all.” IBM Security notes that not being adequately prepared can lead to considerable costs to recover from an attack. The survey found that organizations that have incident response teams and extensively test their incident response plans “spend an average of $1.2 million less on data breaches” than companies that don’t have these cybersecurity defenses in place.
The survey also found that businesses “have slowly improved in their ability to plan for, detect, and respond to cyberattacks.” Still, their ability to contain a successful attack has fallen by 13 percent.
Raising the stakes: Remote work and ineffective cybersecurity tools
And things may get even worse. As remote work grows in popularity because of the COVID-19 pandemic, new attack vectors are created and exploited by cybercriminals. The 2020 Cyber Resilient Organization Report noted that “businesses may be relying on outdated response plans” or ineffective cybersecurity tools that “don’t reflect the current threat and business landscape.”
But there were some positive takeaways. Only 39 percent of companies that had a cybersecurity incident response plan in place suffered an attack that caused a “significant disruption” to the business. Conversely, 62 percent of companies without a cybersecurity incident response plan experienced major disruptions after a cyberattack.
Featured image: Shutterstock