Acceleration Economy
  • Home
  • Cloud Wars
  • Analyst Content
    • By Category
      • AI/AI Index
      • Cloud/Cloud Wars
      • Cybersecurity
      • Data
    • By Interest
      • Leadership
      • Generative AI
      • Partners Ecosystem
      • Process Mining
      • Sustainability
    • By Industry
      • Financial Services
      • Healthcare
      • Manufacturing
      • Retail
    • By Type
      • Guidebooks
      • Summits
      • Roundtables
      • Video Moments
    • By Vendors
      • All Vendors
      • AI/Hyperautomation
      • Cloud
      • Cybersecurity
      • Data
  • Courses
    • Cloud Wars Top 10
    • Cultural Impact of GenAI
    • Cocreation in the AI Ecosystem
    • More …
  • What we do
    • Advisory Services
    • Marketing Services
    •  Event & Education Services
  • Who we are
    • About Us
    • Practitioner Analysts
  • Subscribe
Twitter Instagram
  • Summit NA
  • Dynamics Communities
  • AI Ecosystem
Twitter LinkedIn
Acceleration Economy
  • Home
  • Cloud Wars
  • Analyst Content
        • By Category
          • AI/AI Index
          • Cloud/Cloud Wars
          • CybersecurityThe practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.
          • Data
        • By Interest
          • Leadership
          • Generative AI
          • Partners Ecosystem
          • Process Mining
          • Sustainability
        • By Industry
          • Financial Services
          • Healthcare
          • Manufacturing
          • Retail
        • By Type
          • Guidebooks
          • Summits
          • Roundtables
          • Video Moments
        • By Vendors
          • All Vendors
          • AI/Hyperautomation
          • Cloud
          • Cybersecurity
          • Data
  • Courses
    • Cloud Wars Top 10
    • Cultural Impact of GenAI
    • Cocreation in the AI Ecosystem
    • More ...
  • What we do
    • Advisory Services
    • Marketing Services
    •  Event & Education Services
  • Who we are
    • About Us
    • Practitioner Analysts
  • Subscribe
    • Login / Register
Acceleration Economy
    • Login / Register
Home » How to Manage Cybersecurity Tool Bloat
Cybersecurity as a Business Enabler

How to Manage Cybersecurity Tool Bloat

Robert WoodBy Robert WoodJanuary 3, 2023Updated:March 20, 20234 Mins Read
Facebook Twitter LinkedIn Email
cybersecurity tools
Share
Facebook Twitter LinkedIn Email
Acceleration Economy Cybersecurity

The over-proliferation of tools in the cybersecurity field is all too common. Promotional emails about tools dominate security team inboxes. Conferences are filled with vendors promoting their latest tools.

Given the circumstances, it’s common for teams to have excess tools, a problem sometimes referred to as shelfware. This can strain precious team resources such as time, focus, and budget. This analysis will explore different techniques to optimize your portfolio to create a more sustainable, and manageable, set of tools for security teams.

Portfolio Mapping

First, let’s step back and look at the big picture. Tools like the Cyber Defense Matrix can map every tool in the portfolio, providing insights on:

  • Overlap in coverage (protecting devices or identifying assets)
  • Gaps in coverage (areas not yet protected by a cybersecurity tool)

Depending on the organization, breaking down the asset classes in this matrix (device types, application types, network types, etc.) may be necessary. If overlapping tools are identified, and there isn’t a strong reason for the two (or more) to coexist, there’s very likely an opportunity for consolidation.

During portfolio mapping, it’s essential to ask whether each tool is actually being used. If it’s not, the tool should still be included but with a qualifier that it’s not being actively used or has become full-blown shelfware.

Integration Capabilities

Not all tools offer rich integration capabilities, such as a well-documented application programming interface (API) or connectors to other security/IT tools. There is an emerging trend across cybersecurity teams to stitch multiple tools together to create powerful workflows. But if tools don’t offer any means of seamlessly integrating with other systems in your environment, they will likely require lots of manual work and intervention.

Aggressively review your tools portfolio for those tools that necessitate manual work or require your team to be stuck in that tool’s interface to make it work — as opposed to integrating via an API to a programmatic workflow.

Which companies are the most important vendors in cybersecurity? Check out
the Acceleration Economy Cybersecurity
Top 10 Shortlist
.

Cost vs. Benefit Analysis

With a full breakdown of the tools currently supported in the budget, it can be incredibly enlightening to fully enumerate what the environment looks like. Cost comes in many forms, not just what is represented on a budget spreadsheet. Look at each of the tools from the following perspectives:

  • Annual cost in dollars
  • Person time spent maintaining the tool
  • Person time spent actually using the tool
  • Coverage across the environment by the tool; for example, a SaaS Security Posture Management (SSPM tool) that is only being used on 2% of the organization’s application portfolio needs to be heavily scrutinized.

Quantifying the benefit of a given tool is not always possible, especially given the diversity in the field. To that end, qualitative statements of the benefit being received from a given tool can be useful to weigh alongside the hard cost.

Concluding Thoughts

Cybersecurity tool bloat is a real problem in many teams. So often, tools are purchased with the best of intentions. The tool sounds promising in the sales process; customer service is there to help with the more complicated parts of a tool’s interface or to resolve problems. But as things come up and draw focus away from deploying and capitalizing on a given tool, tools can quickly start to collect dust as they are used on a limited basis.

The work isn’t cutting edge, but going through the process of managing a portfolio of tools and optimizing it step by step can help teams create a more sustainable workload. It will also have a positive budget impact. Using fewer tools overall, but using them to the absolute maximum potential without unnecessary strain, is a worthy outcome of evaluating your cybersecurity portfolio.

click here to join the conversation on linkedin

Want more cybersecurity insights? Visit the Cybersecurity channel:

Acceleration Economy Cybersecurity

API Budgeting Cybersecurity featured integration
Share. Facebook Twitter LinkedIn Email
Guest Analystuser

Robert Wood

CISO
Executive Branch Agency

Areas of Expertise
  • Cybersecurity

Robert Wood is an Acceleration Economy Analyst focusing on Cybersecurity. He has led the development of multiple cybersecurity programs from the ground up at startups across the healthcare, cyber security, and digital marketing industries. Between experience with startups and application security consulting he has both leadership and hands on experience across technical domains such as the cloud, containers, DevSecOps, quantitative risk assessments, and more. Robert has a deep interest in the soft skills side of cybersecurity leadership, workforce development, communication and budget and strategy alignment. He is currently a Federal Civilian for an Executive Branch Agency and his views are his own, not representing that of the U.S. Government or any agency.

  Contact Robert Wood ...

Related Posts

The Cloud Wars CEO of the Year Is Christian Klein | Cloud Wars Live

December 5, 2023

Six Steps To Create a Simple Framework for a Complex Business Turnaround

December 5, 2023
Snowflake

Snowflake CEO Frank Slootman: ‘AI’ and ‘Budget’ Never in Same Sentence

December 5, 2023

Celosphere 2023: Astra Zeneca’s Raaj Joshi on Process Mining for Controls and Compliance

December 5, 2023
Add A Comment

Comments are closed.

Recent Posts
  • The Cloud Wars CEO of the Year Is Christian Klein | Cloud Wars Live
  • Celosphere 2023: Astra Zeneca’s Raaj Joshi on Process Mining for Controls and Compliance
  • Snowflake CEO Frank Slootman: ‘AI’ and ‘Budget’ Never in Same Sentence
  • Six Steps To Create a Simple Framework for a Complex Business Turnaround
  • Marc Benioff Raves but Salesforce Growth Dead Last Among Major App Vendors

  • 2X a week
  • Analyst Videos & Articles
  • Exclusive Digital Business Guidebooks
This field is for validation purposes and should be left unchanged.
Most Popular Guidebooks

The Role of CASB with DLP | Unlocking Hybrid Work’s Potential Safely

November 16, 2023

Scale Cloud Native with a Forward-Looking Observability Strategy 

October 26, 2023

The Innovative Power of IBM’s Partner Ecosystem 

October 16, 2023

The Business Impact and Opportunity of Generative AI

September 29, 2023

Advertisement
Acceleration Economy
Twitter LinkedIn
  • Home
  • About Us
  • Privacy Policy
  • Get In Touch
  • Advertising Opportunities
  • Do not sell my information
© 2023 Acceleration Economy.

Type above and press Enter to search. Press Esc to cancel.

  • Login
Forgot Password?
Lost your password? Please enter your username or email address. You will receive a link to create a new password via email.