Breaking the cybersecurity burnout cycle with strategic partnerships
Justin Rice, Vice President of Solutions Consulting, and Jon Lloyd, Practice Principal, discuss the challenges of dealing with multiple security vendors and products, the need for platformization in the cybersecurity space, and the importance of the SOC (security operations center) in managing and responding to security threats
Organizations today are facing the reality of cybersecurity burnout. With the increasing use of cloud services and a dispersed mobile workforce, protecting digital assets has become increasingly complex. There is a proliferation of data, users, and systems generating massive security information. In this scenario, managed security service partners (MSSPs) offer a potential solution, relieving the burden of constant vigilance.
Security vendors have surged their offerings and products to address the explosion of potential vulnerabilities. Justin Rice said, “Most enterprises have, on average, partnerships with about 35 security vendors and consume north of 70 products. That’s tiring.”
As the nature of work has changed, with more tasks migrated to the Cloud and an increasingly mobile workforce, the need for additional tools has grown. However, integrating these tools can present a challenge. The more tools you have, the harder it becomes to integrate them effectively. From an operational standpoint, managing all of this information can lead to slower response times when resolving issues. While tools are available to help with this, the slower response times caused by using multiple tools remain a significant factor to consider.
“What we’re starting to see and certainly hear from our customers is, ‘Oh man, I bought these three products. All three have some overlap in features. My cost containment is now out of control. And oh, by the way, I don’t necessarily have the skills to even manage that environment.’ And I think people are struggling with that.”
Justin Rice
The general move in this arena (and in technology in general), is for vendors to condense their offerings in a trend that our experts refer to as “platformization”. This streamlining makes it possible for customers to consolidate security efforts when appropriately implemented. The benefits of platformization—greater visibility, efficiency, and reduced cybersecurity burnout—are multiplied in the context of a managed security service partner that can add value and ensure proper configuration. These partnerships can help enhance cybersecurity in a continuously evolving digital realm.
Learn more: Secure cloud networking in 2024 with SASE and SD-WAN
Platformization in the cybersecurity space
Over the past few years, the trend in cybersecurity has been best-of-breed tools—selecting the best tool for each security function. This has led to tool sprawl, which is one factor driving the current trend of platformization. Another factor is the need for rapid incident response.
Jon Lloyd said, “Incident response, whether that is a physical bad-guy movie from the nineties or your security environment, the correlation between different departments, agencies, and toolsets becomes wildly important. And it’s getting to that root cause analysis and getting to that understanding.”
Platformization brings together different tools such as firewalls, cloud security, virtual firewalls, endpoint detection and response (EDR), zero-trust network access (ZTNA), and remote browser isolation. The aim is to make these tools work together seamlessly, share data in a common language, and minimize threats.
Justin mentioned the pain points of customers experiencing cybersecurity burnout, “I need to consolidate my security functions into a single platform. I need to have a unified pane-of-glass that I can look at to really monitor that platform. I really don’t want my people to have to spend all of their time learning the tools. I just want them to be able to operate the tools. I want to manage my costs. Those are our common themes.”
Read More: Fortifying the perimeter: Zero trust, AI-driven endpoint security, and the rise of MXDR
Overcoming tool overlap
Justin identified another driver of platformization—overlap. “Overlapping is exactly why we’re seeing the rise in platformization. If I’m buying three different tools, all those three tools do a little bit of the same thing.” Overlap can easily make twice the work for security teams and create cost redundancies. Platformization eliminates overlap and builds greater efficiencies into security practices.
Learn more: How integrated cloud security affects your bottom line
Addressing the psychological aspects of cybersecurity burnout
Jon said, “Every employee is a firewall. I don’t care how much money you spend, people you hire, your people are your biggest weakness, they’re your biggest threat. There isn’t really an easy answer around specifically cybersecurity fatigue.”
CBTS recommends long-term cybersecurity training in addition to seeking out the support of an MSSP. Reasonable training programs and phishing policies are essential for any organization. Keeping up with constant updates can be overwhelming for employees. Strike a balance between the reality of security threats and employees’ ability to adopt these changes.
Justin explained, “We certainly have programs and partners in our Rolodex where we will introduce someone like a KnowBe4 to the client to do proper education and awareness to help keep employees vigilant.”
Is my business a good fit for a managed security service provider?
Jon makes an essential point that managed security service providers do not necessarily need to be SOCs. Although it is a crucial aspect, some prefer having multiple MSSPs to avoid putting all their eggs in one basket. However, organizations need to consider the complexity of their environments and the speed with which they can respond to security incidents.
The right client for a managed security service provider is someone who lacks the staff, payroll, or interest in constantly keeping up with security threats. In other words, a company that is facing cybersecurity fatigue and burnout. The threat landscape is continuously evolving, and security tools must keep up. Building a security program is not a one-time activity but a continuous process. An MSSP helps clients stay up-to-date with the latest security threats and technology.
Do not let cybersecurity fatigue put your operations at risk. Contact CBTS today to learn how our licensed and vetted security experts can help your organization manage cybersecurity burnout efficiently and effectively.
