CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now
Connect with us

Hi, what are you looking for?


Security Infrastructure

Is Enterprise Security Being Weighed Down by Point Solutions?

The cybersecurity industry is bubbling with new technologies that go after the threat du jour. The threat landscape has evolved, and cyber risk from organized crime and nation states represent a clear and present danger. The impact on enterprise security is severe. Our security is only as good as our ability to coherently and consistently put up a solid defense.

The cybersecurity industry is bubbling with new technologies that go after the threat du jour. The threat landscape has evolved, and cyber risk from organized crime and nation states represent a clear and present danger. The impact on enterprise security is severe. Our security is only as good as our ability to coherently and consistently put up a solid defense.

Once upon a time, security was simple: you had a corporate network with a defined perimeter. Throw up some firewalls at the endpoints, and you could pretty much weather any cyberattack at the time. Then came mobility and the Cloud, and securing this modern network was no longer simple. Businesses were exposed by security holes they didn’t even know existed. Sophisticated attackers were able to blow right past legacy security appliances. The need to address the widening gap between defenders and attackers, along with the risk of facing a breach, initiated a “security arms race.”

Point Security SolutionsGartner estimates that worldwide spending on information security reached over $75 billion in 2015, continuing a pattern of increases. And at the annual RSA conference last month, there were over 500 exhibitors all vying for a piece of that pie. But therein lies the problem: how is one expected to make sense of all these various point solutions on the market and organize them?  This explosion of point solutions contributes to network complexity and challenges short-handed IT teams to protect their networks in a manageable way.

Network complexity is the real vulnerability

As the network expanded into the Cloud and incorporated a growing mobile workforce, it stretched the perimeter to its breaking point. This not only exposed businesses to new kinds of threats, but made it difficult for the IT team to gain visibility across the entire network. To combat these threats, businesses began layering point solution upon point solution to secure new data access paths. What started off as a few supplemental security appliances snowballed into an appliance straightjacket, severely constraining an IT team that was already burdened by a lack of resources.

Appliance-based network security is complex. Each appliance must be maintained and have its policies managed and updated accordingly. And that’s not accounting for the inevitable issues – say a power supply fails or a software update crashes the internal operating system or a new vulnerability is discovered, requiring a replacement or multiple patches. Administrators have to deal with constant appliance turnover and new geological layers of rules, settings and scripts. Manual intervention is required before every update to ensure stability, meaning more precious time is wasted before appliances can adapt to current security threats.

Even the positioning of network appliances, which are designed to operate best within a defined network perimeter, is a challenge. These devices were traditionally placed in front of, at, or on the edge of the network perimeter. Without a clear perimeter, many more appliances and point solutions are needed to cover the network. It’s also led to an expanded attack surface, as hackers often target unpatched software vulnerabilities, outdated defenses and product misconfigurations. The more tools enterprises deploy to counter these increasing threats, the greater the opportunity for hackers to identify weak links. Security appliances are only as effective as the people who run them, and IT teams simply don’t have the appropriate resources. Nor do they have enough qualified staff in some cases.

Overcoming the IT security skills gap

The skills gap is more than just a lack of cybersecurity professionals; it’s disciplinary, too. The Cloud industry is booming, but security professionals with Cloud computing skills are even harder to come by. According to recent research from ESG, 46% of organizations say they have a “problematic shortage” of cybersecurity skills in 2016, with 33% citing cloud security specialists as their biggest deficiency.

Advertisement. Scroll to continue reading.

Security teams should be responding to new and emerging threats. But with so many security appliances, they often spend more time trying to manage what they own than think about the threat landscape and how to adapt to it. IT is reaching a breaking point with the perfect storm of a deficiency of experienced security personnel converging with a highly complex networking and security environment that is overwhelmed by point solutions. Something will have to give.

To avoid a full-on point solution implosion, enterprises should look for an answer within the same forces that gave rise to network complexity: Cloud, Internet and software.

By realigning the network perimeter to accommodate the new realities of the Cloud and mobility, businesses can rationalize the way they enforce security. By “cloudifying” network security, re-establishing the network perimeter, and moving away from the appliance form factor, the workload on critical IT resources will be reduced with fewer policies and configurations to maintain. At the same time, the attack surface will shrink and there will be less moving parts to manage. While point solutions will continue to play a critical role in driving security innovation, the security industry at large should focus more on ensuring businesses can consume new capabilities in a way that is simple, streamlined and manageable – and will therefore make them more secure.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Security Infrastructure

Security vendor consolidation is picking up steam with good reason. Everyone wants to improve security efficiency and effectiveness while paying for less.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Security Infrastructure

Instead of deploying new point products, CISOs should consider sourcing technologies from vendors that develop products designed to work together as part of a...

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

Security Infrastructure

While silos pose significant dangers to an enterprise's cybersecurity posture, consolidation serves as a powerful solution to overcome these risks, offering improved visibility, efficiency,...