ReliaQuest has published the findings of its 2021 Security Technology Sprawl Report with IDG, which surveyed 400 IT and security decision makers at companies with more than 1,000 employees on the effectiveness of their current security tools and technology stacks. The study found that on average, enterprises maintain 19 different security tools, with only 22% of such tools serving as vital to primary security objectives. The report also unveiled a lack of meaningful ROI metrics when reporting on security progress, as well as disparate opinions on objectives, tool effectiveness and security awareness amongst the organization between executives and operations on security teams.
Additional findings include:
According to Aaron Sherrill, Senior Analyst at 451 Research, part of S&P Market Intelligence, “As enterprises add more security tools to their arsenal, they are finding that it is becoming increasingly challenging to integrate those disparate tools into their operational processes and find information across the different data silos within those tools. The problem is only becoming worse as enterprises continue to expand IT ecosystems across multiple environments and rapidly adopt new, emerging technologies.[1] Additionally, too often, security leaders report on metrics that are largely qualitative, focusing on discrete technical aspects of the cybersecurity program, or delivering data points with no context. To be meaningful, C-level leaders need measurements in terms that are easy to understand and relatable at the business level.[2]”
“Security is not a game of chance, but one of strategy. Each year, the number of security tools drastically increases, causing alert fatigue and security team burn out,” said Brian Murphy, CEO of ReliaQuest. “But there is light at the end of the tunnel. Enterprises must adopt a focused, strategic approach to security, rooted in vendor-agnostic tool integration.”
Murphy added: “With Open XDR, organizations can now gain visibility into relevant security data, regardless of where it resides. Traditional approaches to XDR use just a subset of security data belonging to one provider or a limited few. Open XDR provides comprehensive visibility, rich investigations, as well as access to data and actions, allowing organizations to gain all the insights needed to align on key metrics including those that matter to the board, as well as security management and operations teams in the trenches. This alignment is a game changer for organizations.”