The cybersecurity consolidation conundrum

Issue 3 2022 Editor's Choice, Information Security, Healthcare (Industry)

While employees and organisations are busy settling into remote or hybrid working, cybersecurity professionals continue to grapple with the challenges that come with a rapidly expanding network perimeter. And with every new ransomware attack that hits the headlines, it would be fair to assume that adding more security products or vendors would make a company more secure. But that’s not the case.

According to a recent survey, conducted with Vanson Bourne, one of the biggest challenges of securing a remote workforce is in fact managing multiple point-products or vendors. This is due to poor visibility and gaps between the protections that each product delivers, not to mention the complexity (and higher cost) of managing multiple vendor relationships. Almost all respondents in the survey (87%) believe that consolidation is an important part of securing the remote workforce, yet despite knowing this, over half (54%) reported that their organisations use more than 10 point-products. The healthcare sector is furthest behind the curve in this regard, with nearly eight in 10 organisations using more than 10 separate point-products.

So, what’s holding organisations back? If the benefits of consolidation are so clear, why aren’t more doing it?

Saturated security market

One of the key reasons organisations are falling behind when it comes to consolidation is that decision-makers are, to all intents and purposes, spoiled for choice. The security market is heavily saturated at the moment, particularly in light of the move toward remote or hybrid working. Yet, despite organisations needing more robust security measures than ever before, budgets are tight and many feel pressured to focus only on the specific problem they face today, instead of considering more long-term strategic approaches. This is particularly true of the healthcare sector.

There are many reasons behind this tendency, not least the concept of vendor lock-in, which is still highly prevalent in the industry. Ongoing subscriptions make it difficult for organisations to switch vendors. Likewise, it’s becoming increasingly difficult for vendors to get customers to commit to a relationship spanning multiple years. Such relationships take time to nurture and reach their full potential, so many organisations are using a smaller number of vendors rather than committing to a single one.

This multi-vendor approach might offer a fix for short-term problems, but it puts a great deal of strain on security teams who might not have the resources to adequately vet every product or vendor. CISOs might have a good idea of what’s best for their own organisation, but it’s difficult to apply that knowledge to an ever-expanding list of disparate vendors that are pulled together under one umbrella.

Healthcare organisations have complex networks

As healthcare is the least consolidated sector, it’s an ideal point of focus for a discussion on what might be holding consolidation back. It’s also a sector that’s ripe for consolidation and arguably stands to benefit the most, with a network footprint spanning everything from laptops to critical medical equipment like MRI scanners and kidney dialysis machines.

Because healthcare is a 24/7/365 industry, any downtime to change or introduce new consolidated technologies is not an option that is often considered. In fact, disruption to normal service is probably what’s holding most organisations back from adopting a more consolidated cybersecurity infrastructure. However, there is no reason why the introduction of a carefully planned consolidated platform implementation should cause any disruption to business or indeed patient care.

To stay safe in today’s increasingly dangerous threat landscape, cybersecurity requires an integrated and consolidated approach that covers all the bases, from endpoint to data centre to cloud. While this is technically achievable with a multi-vendor approach, it’s simply not viable for organisations that want to take a long-term, streamlined and cost-effective approach to security. For those organisations, consolidation is the answer.

Find out more at www.checkpoint.com




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

The human factor side of video management systems
Leaderware Editor's Choice Surveillance Risk Management & Resilience
A video management system (VMS) is central to, and the most vital element to any control room operation using CCTV as part of its service delivery, however, all too often, it is seen as a technical solution rather than an operational solution.

Read more...
Get the basics right to win more business
ServCraft Editor's Choice Risk Management & Resilience
The barriers to entry in security are not high. More people are adding CCTV and fencing to their repertoire every year. Cowboys will not last long in a space where customers trust you with their safety.

Read more...
Paxton’s Net2 secures medicinal cannabis facility
Paxton Access Control & Identity Management Healthcare (Industry) Videos
Paxton’s Net2 access control has been installed at Highlands Grow, a fully licensed industrial-scale cultivator, producing cannabis for medicinal and recreational use.

Read more...
All aspects of data protection
Technews Publishing Editor's Choice Information Security Infrastructure AI & Data Analytics
SMART Security Solutions spoke to Kate Mollett, Senior Director, Commvault Africa, about the company and its evolution from a backup specialist to a full data protection specialist, as well as the latest announcements from the company.

Read more...
Projections for 2024’s Advanced Threats Landscape
News & Events Information Security
Kaspersky Global Research and Analysis Team (GReAT) experts offer insights and projections for 2024 in the Kaspersky Security Bulletin, with a focus on the evolution of Advanced Persistent Threats (APT).

Read more...
Global strength, local craft
Impro Technologies Editor's Choice
Impro Technologies is a resounding success story. Started in South Africa, the company remains true to its roots and still designs and manufactures its access control systems and solutions in the country.

Read more...
Trellix detects collaboration by cybercriminals and nation states
News & Events Information Security
Trellix has released The CyberThreat Report: November 2023 from its Advanced Research Centre, highlighting new programming languages in malware development, adoption of malicious GenAI, and acceleration of geopolitical threat activity.

Read more...
SA enterprises can benefit from AI-driven cybersecurity
AI & Data Analytics Information Security
Cybercrime is big business, and threat actors deploy cutting-edge tools to carry out attacks. Fortunately, cybersecurity is constantly evolving to meet and counter the threats they face.

Read more...
South Africans play a role in becoming scam victims
Editor's Choice Risk Management & Resilience
The South African fraud landscape is becoming increasingly risky as fraudsters and scammers look to target individuals with highly sophisticated scams, in an environment where it is becoming increasingly difficult for lawmakers and authorities to bring these criminals to justice.

Read more...
Africa Online Safety Fund announces grant winners
News & Events Information Security
The Africa Online Safety Fund (AOSF) has announced the winners of this year’s grants; among them are five organisations operating in South Africa to educate people about online risks.

Read more...