Cybersecurity Tool Sprawl Leaves Security Gaps, Cuts Margins for Channel

… other investments.

Tips for Managing Tool Sprawl

Breaking the cycle means looking at the cause of tool sprawl in a new way and creating a different approach to tool use and integrations. Here are a few tips on how to do that.

• Automate tool management. “Deploy yet another tool to automate and centrally manage your disparate tools. As counterintuitive as this sounds, this approach gives you the best of both worlds. You get to keep your best-of-breed tools, but by hooking them into a single system – a ‘single pane of glass’ that also automates and orchestrates changes across them all –  the incidence of configuration errors, change delays and other problems that accompany vendor sprawl is greatly reduced. So even though in theory you are adding more complexity into the mix, in reality your management burden decreases and your overall security posture increases,” explained Almer.
• Build up from a foundation of basic tools. “Try to limit investment to as few tools as possible, and ones which cover as many functional bases within reason. Solving that top “80%+” of your needs with just a handful of tools and filling the remaining gaps, as needed, with other tools is a much cleaner approach than dividing equal sized duties to greater numbers of products,” advised Derrick Wlodarz, president of FireLogic.
• Eliminate redundant tools. “Adopt a continuous security validation solution that can measure the effectiveness of existing security infrastructure, identify misconfigurations and expose gaps in current security strategy,” said Chenette. “This technology works by allowing organizations to run attack scenarios against themselves, so enterprises can identify areas of weakness, overlapping tools and misconfigurations.”

Cygilant’s Kevin Landt

“By using continuous security validation to tackle the tool sprawl epidemic, organizations can save money by eliminating redundant tools and ensure critical assets are protected by a properly configured network of security solutions,” Chenette added.

• Use humans to evaluate tools. Automated management shouldn’t be your only means to evaluating which security tools are providing value and which aren’t. “Much of the problem with tool sprawl stems from not having enough qualified cybersecurity talent available to use the tools,” said Kevin Landt, VP of product management at Cygilant.

“This is where service providers can add a lot of value if they can fill that people shortage and help stream the output of those tools into a central operations platform, making it easier to digest and take action on the large volume of data coming out of all those tools,” Landt added.

• Consider consolidating and leveraging vendors. “An approach that MSPs and customers should consider is vendor consolidation, which helps to decrease exposure of security when it comes to interactions and communications within these tools, as well as solutions that can provide a stronger ecosystem when used together,” advised Verma.

Perimeter 81’s Sivan Tehila

Don’t hesitate to lean heavily on vendors for tool support too, which can help in managing tool sprawl and scheduling tool retirement or replacement.

“Managed service providers should focus on providing unified solutions across the complete IT infrastructure for common use cases, and look for consolidation of vendors and tools when covering the breadth of security use cases across the IT infrastructure,” Verma added.

• Consider security as a service as an alternative. “To maximize ROI, organizations should consider replacing their unwieldy collection of cyber solutions with a single unified platform that provides a wide range of security tools as a service,” said Sivan Tehila, director of solution architecture at Perimeter 81.