6 Security Investments You May Be Wasting>
Dark Reading – Kelly Sheridan
On a positive note, businesses today are better at understanding risks and allocating more of their attention and IT budgets (23%) to cybersecurity. Enterprises, as reported in new Kaspersky Lab research, believe their security budgets will grow by 15% over the next three years, as do businesses with less than 50 employees. SMBs are about the same, anticipating 14% growth in security spend by 2021, according to Kaspersky Lab. Enterprise victims allocate most ($193,000, on average) of their post-breach spending toward improving software and infrastructure, and SMBs hit with breaches spend $15,000 on the same expense, according to Kaspersky. More than one-third (34%) of organizations say the intricacy of IT systems is driving investments; the same amount say improving security expertise is a motivation to spend, according to Kaspersky. The reason: many security technologies simply aren’t worth their cost without the right resources to implement and run them, observes Tom Parker, group technology officer at Accenture Security. SIEM While buying a SIEM is a good first step, the return on your investment will only be recognized if you architect it well and create the right content for it. Network monitoring Parker encourages executive leaders approving budgets to have a rigorous methodology for maximizing the ROI for their security spend. The process should measure how widely solutions are being deployed and record metrics around how the tech has increased resiliency across the enterprise, he says. Forensics and threat hunting The problem with these types of tools is their value is limited if they can’t calibrate to an organization’s operations or risk profile, Pironti continues. “It’s not that the vendor is wrong, but [the tool] has to be meaningful to your organization,” he explains. “It has to be a symbiotic relationship ⦠a third party can’t tell me what I should care about and why I should care about it.” Endpoint detection and response “It’s very easy to go buy an EDR,” he says. “It’s not so easy to hire a team of experts that know how to use EDR, how to implement it and manage it, and fully use that technology.” This is why when companies sell EDR, they often sell a managed EDR service on top of it, he points out. Encryption Encryption key management is a growing problem, says Pironti, but it’s more of a hygiene problem than a technology problem Identity and Access Management IAM is also a process and the biggest challenge is staying on top of transfers and changes, Pironti explains. If you don’t properly manage these, you don’t maximize the effectiveness of IAM and you put your enterprise users and data at risk.
Link: https://www.darkreading.com/analytics/6-security-investments-you-may-be-wasting/d/d-id/1331918