Q
Get started Bring yourself up to speed with our introductory content.

Are new cybersecurity products the best investment for enterprises?

Having the latest cybersecurity products isn't always the best way to approach security. Expert Mike O. Villegas explains why and how to deal with pressure to buy new.

A recent report from Trustwave, the "2016 Security Pressures Report", found that IT managers feel pressured to...

buy new cybersecurity products even if they or their staff don't have the right skills to implement the technology. How can managers push back on this pressure? Or should they buy the new technology and get the training to implement it properly?

The 2016 Trustwave report found that 74% of the 1,400 IT/security professional respondents felt pressured to select the latest cybersecurity products, while 31% lacked the resources to properly adopt, deploy and use them. The survey does not say where the pressures are coming from or what new cybersecurity products are referred to, but it does state that the majority of respondents (54%) listed detection of vulnerabilities, malware, malicious activity or compromises as their most pressure-inducing security responsibilities.

Given the threats listed, the cybersecurity products in question appear to focus on SIEMs, FIMs, NGFWs, IPS/IDS, DLP, MDM, MFA and antivirus/antimalware software. These technologies continue to improve in scope, scalability, coverage and manageability but commensurately so do the skills required to use them.

The pressure to use the latest cybersecurity products likely comes from upper management, industry best practices, emerging technologies and perceived risk levels. But before succumbing to these pressures, security professionals need to realistically look over their situation and do three things:

  • Perform a security risk assessment to identify mission critical applications, sensitive and confidential data, the business impact if the technology is not available due to errors or breaches, threats to critical assets and applications, and the effectiveness of the design of controls over these assets;
  • Perform a skills inventory of the staff to determine whether the products being considered or already in place are properly used; and
  • Determine whether to focus on building internal capabilities or outsource to a managed service provider.

Asking how managers can push back on these pressures is the wrong question. It's better not to push back on pressures but to instead focus on planning, proposing, deploying and maintaining the most effective cybersecurity products.

  • Make security plans based on risk assessments, a skills inventory and whether security services are outsourced or kept in-house. Plans should also be based on a proven cybersecurity framework;
  • Propose the security plan to executive management for approval and funding;
  • Deploy the approved technology and information security program. This includes eliminating shelfware and upgrading to current tools; and
  • Maintain the program through security monitoring, updating to current patches, testing controls, staying compliant and remediating any issues. This includes building staff skill levels if the security program is kept in-house.

This is an iterative process. As the enterprise expands, protection levels may also grow. Security professionals should not allow pressures for new cybersecurity products to drive what they need and what they know is right for the enterprise.

Ask the Expert:
Have questions about enterprise security? Send them via email today. (All questions are anonymous.)

Next Steps

Find out when it's time to change your cybersecurity products

Learn how security vendor hacks affect enterprises

Discover how a risk assessment on a third-party vendor can improve security

This was last published in September 2016

Dig Deeper on Information security program management

PRO+

Content

Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

3 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Do you feel pressured into buying the latest and greatest cybersecurity technologies? If so, where does the pressure come from and how do you respond?
Cancel
I feel fortunate to work in an organization that understands the need to have the people in place to support the tools. So, no, we don’t feel pressured to have the latest and greatest tools, but we are pressured to staff and launch a first-rate cybersecurity program.
Cancel
The best tools are useless if you don’t have the team a policies in place to support them.
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close