Cybersecurity tool sprawl can diminish an MSP’s true value to clients.

Pam Baker

June 20, 2019

6 Min Read
Network security

Cybersecurity tool sprawl is the aftermath of repeated attempts to close evolving security gaps.

“Today, the number of tools outweigh enterprise initiatives,” said Anthony James, vice president of Product Marketing at Infoblox. Having too many cybersecurity tools creates chaos but it’s a hard cycle to break so the problem will only get bigger.

“On one hand, the complexity rises with each added tool, and the ability to keep everything correctly configured greatly diminishes. On the other hand, quickly evolving attackers require you to use new defenses or fail,” said Edy Almer, vice president of products at Cyberbit.

While resellers think this an opportunity to sell more products, and sometimes it is, “customers are often just confused by the services landscape offered by the channel or an MSP,” said Himanshu Verma, head of business development at WatchGuard Technologies.

Indeed, tool sprawl can actually diminish an MSP’s true value to clients.


WatchGuard’s Himanshu Verma

“For MSPs, the total cost of ownership can increase drastically if they continue to manage and maintain multiple redundant tools. Such cases can also lead to overlap with their managed services and diminish the true value MSPs can provide using a unified remote monitoring tool,” Verma added.

MSPs and MSSPs are finding security tool sprawl to be a major cause behind tightening margins, lost efficiencies and budget strain; yet, they too are caught in this never-ending cycle spurred even faster by market hype and customer expectations of the latest and greatest security tools.

“Just by taking a stroll around any security trade show floor, you can see a vast array of companies claiming to be the savior of your network and data, but after a deeper dive, they often show limited incremental value on top of traditional cybersecurity solutions and practices,” explained James.

Hiring an MSP or MSSP is one way enterprises deal with security tool sprawl. So how bad is that sprawl in a typical enterprise seeking to outsource a fix?


AttackIQ’s Stephan Chenette

“The average enterprise uses 75 security products to secure their network; however, the tool sprawl problem is not solely an issue of too many solutions in place, but a lack of insight into whether an enterprise’s current security infrastructure is working properly,” said Stephan Chenette, CTO and co-founder, AttackIQ.

The underlying challenge for MSPs and MSSPs is how to manage tool sprawl without tossing out older tools that are still effective, or ignoring newer tools designed to thwart new threats older tools can’t address. But in any case, tool sprawl has to be reigned in to restore margins, time and cost efficiencies, and free budget dollars for …

… other investments.

Tips for Managing Tool Sprawl

Breaking the cycle means looking at the cause of tool sprawl in a new way and creating a different approach to tool use and integrations. Here are a few tips on how to do that.

  • Automate tool management. “Deploy yet another tool to automate and centrally manage your disparate tools. As counterintuitive as this sounds, this approach gives you the best of both worlds. You get to keep your best-of-breed tools, but by hooking them into a single system – a ‘single pane of glass’ that also automates and orchestrates changes across them all –  the incidence of configuration errors, change delays and other problems that accompany vendor sprawl is greatly reduced. So even though in theory you are adding more complexity into the mix, in reality your management burden decreases and your overall security posture increases,” explained Almer.

  • Build up from a foundation of basic tools. “Try to limit investment to as few tools as possible, and ones which cover as many functional bases within reason. Solving that top “80%+” of your needs with just a handful of tools and filling the remaining gaps, as needed, with other tools is a much cleaner approach than dividing equal sized duties to greater numbers of products,” advised Derrick Wlodarz, president of FireLogic.

  • Eliminate redundant tools. “Adopt a continuous security validation solution that can measure the effectiveness of existing security infrastructure, identify misconfigurations and expose gaps in current security strategy,” said Chenette. “This technology works by allowing organizations to run attack scenarios against themselves, so enterprises can identify areas of weakness, overlapping tools and misconfigurations.”


Cygilant’s Kevin Landt

“By using continuous security validation to tackle the tool sprawl epidemic, organizations can save money by eliminating redundant tools and ensure critical assets are protected by a properly configured network of security solutions,” Chenette added.

  • Use humans to evaluate tools. Automated management shouldn’t be your only means to evaluating which security tools are providing value and which aren’t. “Much of the problem with tool sprawl stems from not having enough qualified cybersecurity talent available to use the tools,” said Kevin Landt, VP of product management at Cygilant.

“This is where service providers can add a lot of value if they can fill that people shortage and help stream the output of those tools into a central operations platform, making it easier to digest and take action on the large volume of data coming out of all those tools,” Landt added.

  • Consider consolidating and leveraging vendors. “An approach that MSPs and customers should consider is vendor consolidation, which helps to decrease exposure of security when it comes to interactions and communications within these tools, as well as solutions that can provide a stronger ecosystem when used together,” advised Verma.


Perimeter 81’s Sivan Tehila

Don’t hesitate to lean heavily on vendors for tool support too, which can help in managing tool sprawl and scheduling tool retirement or replacement.

“Managed service providers should focus on providing unified solutions across the complete IT infrastructure for common use cases, and look for consolidation of vendors and tools when covering the breadth of security use cases across the IT infrastructure,” Verma added.

  • Consider security as a service as an alternative. “To maximize ROI, organizations should consider replacing their unwieldy collection of cyber solutions with a single unified platform that provides a wide range of security tools as a service,” said Sivan Tehila, director of solution architecture at Perimeter 81.

Read more about:


About the Author(s)

Pam Baker

A prolific writer and analyst, Pam Baker’s published work appears in many leading print and online publications including Security Boulevard, PCMag, Institutional Investor magazine, CIO, TechTarget, and InformationWeek, as well as many others. Her latest book is “Data Divination: Big Data Strategies.” She’s also a popular speaker at technology conferences as well as specialty conferences such as the Excellence in Journalism events and a medical research and healthcare event at the NY Academy of Sciences.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like