Security Experts:

Connect with us

Hi, what are you looking for?


Incident Response

Boom Goes the Cyber Security Toolbox

More Cyber Security Tools Can Increase Cost, Increase Complexity, and Reduce an Organization’s Ability to be Effective

More Cyber Security Tools Can Increase Cost, Increase Complexity, and Reduce an Organization’s Ability to be Effective

I recently had an occasion to go through my father’s workbench at his home, where he’s been collecting tools and doing fixing, building, and God knows what else for the past 25+ years. There were drawers, cabinets, hanging things, and boxes everywhere. As we went through his various tools we talked about what each thing does, when he got it, and why it was critical to something he once worked on.

My dad’s workbench had no less than 10 different kinds (not types) of screwdrivers that essentially were meant for the same function. He had ultra-long, long, mid-length, short, and stubby flathead screwdrivers – each geared for a specific task, but ultimately with significant overlap. He had about two dozen tools that were used once, probably, for some specific job and he never picked up again.

This got me thinking about my own profession, and some of the absolutely bonkers things I’ve heard lately in terms of the number of tools an organization has at their disposal for cyber security things. I think the biggest number I heard was somewhere around 175 cyber security tools in an enterprise. That makes me think of my dad’s workbench – where about half the tools overlap, and the other half served a purpose once, or twice, and likely never were used again and yet they sit there and take up space just in case.

I bet you have a significant number of cyber security tools in your organization. I also bet you have things that overlap in their purpose, but are ever so slightly different in their feature set that you keep them all around.

In March 2016, Stephan Chenette was quoted as saying:

“With an average of 75 security tools in play, redundancy exists. “Many organizations are hiring security experts to manage redundant products and manage alerts that don’t mean anything.”

Stephan’s “Hope is not a strategy” outlook mirrors mine, so I’ve been digging into this troublesome trend of tools explosion. 

Another shining example of this trend continuing is here, from 2019:

As we look at things, small organizations are using on average between 15 and 20 tools, medium-sized businesses are using 50 to 60, and large organizations or enterprises are using over 130 tools on average. This is just massive!” — Matt Chiodi, Palo Alto Networks

As I thought about the types of business drivers that fuel decision makers, three themes were common across all organizations – SMB, to mid-market, to enterprise. These three are manage cost of doing business, decrease overall complexity, and increase effectiveness. That sounds pretty simple, right?

Here’s the problem I believe cyber security, and more broadly IT, needs to keep close to front-of-mind. As we continue to bring in more tools into cyber security toolboxes, we rarely, if ever, retire anything. It seems like everything we bring in is just an add-on. I’ve been talking about this for years, and I know many of you already think this way because I’ve been asked on consultations, “If you think I need tool X, what things is this going to replace in my environment?”.  That’s absolutely the right question to ask, but we’re not asking it enough or learning to say no when the answer is “nothing”.

More tools increase your cost, increase overall complexity, and eventually decrease your organization’s ability to be effective. I’m pretty sure you’re thinking I’m slightly off my rocker in that last one, but I’ll explain myself later.

So, there you have it – my philosophy on improving the state of cyber security, with our three big audacious goals in mind as we careen ahead into 2020 and beyond. I’ll write up a post on each of my business drivers (mentioned above), and then provide some ideas where I think there is innovation or at least more options.

RelatedAre Overlapping Security Tools Adversely Impacting Your Security Posture?

RelatedThe Accountability Gap – Getting Business to Understand Security

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.