Constantinople in the 15th century was perhaps the most fortified city in the world. Its walls spanned 6.5 km, stood proud at 12 metres high and were 5 metres wide. Additionally, it was ringed by a formidable moat, insulated with a double line of ramparts and adjoined by a sea wall with a large metal chain that could be raised to close off the Golden Horn. However formidable these defences were, they demanded people to garrison them, of which Constantinople experienced an acute shortage. Therefore, faced with new Ottoman innovations in warfare and with the defenders’ resources spread thinner than a student’s budget, Constantinople fell on 29 May 1453.
Tool sprawl presents the same challenge to companies that Constantinople experienced in 1453. To clarify, tool sprawl occurs when companies over-invest in many different solutions for combatting cyber-threats, and as a result it actually hinders the ability of security operations centres (SOCs) and security teams to identify and respond to threats. It slows teams’ productivity, as they have to hop from one solution to the next. Additionally, in an industry gasping under an acute shortage of skilled security engineers and professionals, learning how to navigate all these tools has proven to be a barrier to people entering the workforce. The difficulty of coordinating a response when using a different tool for each threat is akin to perfectly timing all the components of a Sunday roast whilst being strapped to an orange space hopper.
It is estimated that the average IT security team uses between 10 and 30 security tools spanning network structures, cloud environments and IT infrastructure. So just like a defender of Constantinople in 1453 darting from one part of the city’s defences to another in an attempt to meet the threat, the modern security professional has to wade through multiple tools, across multiple systems, in order to fend off a cyber-threat. This is not productive, and it slows the responsiveness and effectiveness of a system’s defence. In essence, companies are paying for more solutions only to worsen the coordination of their cyber defence. This is coupled with an increasingly sophisticated threat landscape, which makes mitigating and deterring attacks much harder to plan for. Tool sprawl reduces the visibility of these threats, exacerbating the potential impact of attacks as they become harder to track. This is increasingly important as cybersecurity becomes vital, as the world pushes for greater digitalisation and as the IoT (Internet of Things) is adopted into all aspects of our lives. Therefore, it is more important than ever for companies and industry leaders to coordinate with each other, open dialogue and learn from each other’s challenges. What are the solutions to tool sprawl then?
Reasonable logic would suggest that if too many solutions and tools are being used, a firm should unify its cyber strategy under a single umbrella. Although that would eradicate the challenge of tool sprawl, the complicated threat landscape calls for a diverse range of solutions to fend off different threats. You would not try to fight off flu by just eating chicken soup, would you? However, just as in Constantinople’s experience, too many defences spread resources too thin and ultimately hinder the response. One solution is SASE (Secure Access Service Edge), which brings security solutions and key network aspects together into one unified cloud platform. This allows organisations to simplify the process under a unified security umbrella whilst maintaining a diverse range of solutions to threats.
In summary, too many tools can slow the response rate and ultimately hinder the security of a network. Many challenges face the IT industry (of which tool sprawl is one), and it is more important than ever for leaders to come together and share their experience of these challenges. This would help companies develop their strategies and, in the process, make them more agile in responding to the future landscape. Reflecting on Constantinople, too many defences can prove fatal when combined with too few resources and more sophisticated assaults.
By Henri Willmott