Answer these 4 questions to maximize the ROI of your security toolset
Over the past decade, organizations realized they need to arm their teams with the right security toolset in order to mitigate the cyber threats they’re facing.
Over the past decade, organizations realized they need to arm their teams with the right security toolset in order to mitigate the cyber threats they’re facing. The continuous investment and adoption of security tools has created a challenge: Organizations are now leveraging tens, and sometimes hundreds, of security tools from various vendors that often don’t share data and insights between each other. This makes it difficult to get a comprehensive view of their threat posture.
For business leaders facing inflationary pressures, the challenge becomes a matter of ROI, and they often ask, “Is this investment in a security tool going to maximize my ability to be secure and resilient from cyber threats? Or am I purchasing just another security tool that will be added to my long list of existing security tools?”
To maximize the value and return on security tool investments, organizations are recommended to take a step back and address four key questions:
- What are the security tools we’re currently using today? Taking an inventory of the security tools teams are using and tying them to how they’re protecting critical assets often unveils the aforementioned problem of a complex security toolset. Although from an outside perspective this seems simple, it requires a deep assessment and mapping across the organization’s various functions, which can be challenging.
- Are there capability redundancies across these tools? Security software providers are rapidly adding new security capabilities to address market challenges. By taking a fresh look at current tooling capabilities, organizations can identify capability redundancies that might not have existed at the time of purchase. Similar to question one, this too can be challenging. Many organizations lack personnel with the expertise to understand the nuances of each tool’s capabilities and apply those capabilities to address security needs.
- Are my tools “right-fit” for my organization’s needs? This requires three key components – an understanding of the business objectives, the regulations they face, and the industry/geographical pressures they are under. Furthermore, this step has to be continuously evaluated as those key components are inherently evolving.
- Do my tools work in conjunction with each other? Security teams often spend time and resources collecting data from disparate tools to analyze their current security posture. This leads to inefficiencies and hurts the organization’s ROI. A key development in the past year to move toward a common framework to share data and work in conjunction with each other has been the Open Cybersecurity Schema Framework (OCSF). AWS has been one of the key leaders in the OCSF project. Based on OCSF standards, AWS announced the general availability of their AWS Security Lake in May of this year, which enables organizations “automatically collect, combine, and analyze security data from more than 80 sources.” The innovative new solution enables companies to “aggregate, normalize, and store data,” which results in a faster, simplified, and unified method to manage security events across environments. Additionally, as an inaugural partner of AWS Security Lake, Kyndryl’s Security Operations as a platform with AWS Security Lake, is intended to provide faster time to detection, response and orchestrated security intelligence.
While answering these questions may seem daunting, having a trusted partner with the skills and expertise to guide you can be beneficial. Kyndryl, which has a proven track record of over 30 years of designing, building, and managing mission-critical IT environments, provides end-to-end services to help clients address these questions through assessments, advisory, implementation and managed services. As part of our services set, Kyndryl recently launched its security operations services, enabling clients to be advised on their journey to modernized cybersecurity operations.
Learn more about how Kyndryl and AWS can help companies address security complexity.
About Author
