Continue reading this on our app for a better experience

Open in App
Floating Button
Home Digitaledge In Focus

The decluttered era of cybersecurity: A journey to consolidation

David Ng and Siang-tse Foo
David Ng and Siang-tse Foo • 6 min read
The decluttered era of cybersecurity: A journey to consolidation
An incremental approach to simplifying the security environment and a platform that supports third-party integrations are key. Photo: Pexels
Font Resizer
Share to Whatsapp
Share to Facebook
Share to LinkedIn
Scroll to top
Follow us on Facebook and join our Telegram channel for the latest updates.

Technological evolution has brought about a critical imperative in cybersecurity today, where relentless threats demand purging outdated defences and streamlining the security stack.

In a world flurried with reputation-crushing cybersecurity threats, businesses typically relied on the age-old adage of “better safe than sorry”. This thinking has led organisations to amass an arsenal of solutions, taking a “best of breed” approach; each addition building upon the previous, seeming like a prudent, necessary step to address a multitude of concerns.

While this approach may have seemed advantageous and reassuring, the breakneck pace of digital transformation has resulted in a colossal expansion of the attack surface, leaving businesses increasingly burdened with a complex security stack, overtired teams, and mounting cyber risks. According to a recent study on cybersecurity risks, a staggering half of Singapore respondents admitted that the digital attack surface is “spiralling out of control”, and they are in constant fire-fighting mode, unable to cover their workloads.

The sheer number of disparate tools from multiple vendors has created information silos, skills gaps and challenges in obtaining visibility.

Compounding these challenges is the irony of rapid technological advancements, wherein developments in areas such as generative AI herald new threats that businesses need to be equipped to handle.

These trends underscore the imperative for reorienting the cybersecurity approach — a call to simplify and streamline the security stack. In other words, businesses must perform a cybersecurity “spring cleaning”: a thorough assessment and optimisation of their digital safeguards. The question is: where do they begin?

See also: 80% of AI projects are projected to fail. Here's how it doesn't have to be this way

Navigating the path to consolidation

Although it may seem otherwise, the process of consolidation doesn’t simply imply discarding legacy investments, especially those deeply embedded in security operation centres (SOC). Some diversity of solutions is inevitable as no single vendor can meet every security requirement. In fact, many on the journey are gradually simplifying to fewer than 10 vendors to start. The principles of “defence in depth” and “defence in diversity” are still relevant. We are not advocating concentrating all your security tools on a single vendor.

Instead, a consolidation strategy aims to achieve an anchor set of core safeguards, which are part of a single unified platform, to improve risk posture while achieving other business benefits, such as resource and cost optimisation.

See also: Responsible AI starts with transparency

To that end, a flexible and minimally disruptive path to consolidation entails two key components: An incremental approach to simplifying the security environment and a platform that can support third-party integrations.

As a first step, start with the security architecture and how it integrates with the overall enterprise architecture – take stock of existing security solutions and examine your daily operations. To do this, we recommend stepping into the shoes of your SOC teams, and what you may find are pervasive issues arising from tool sprawl. A major challenge SOC teams commonly face is the absence of a centralised view of the attack surface. Analysts are constantly switching between multiple dashboards to piece together what’s happening, often dealing with a deluge of redundant, uncorrelated alerts. This is not only time consuming but also heightens the risk of overlooking significant vulnerabilities.

Performing this evaluation will allow businesses to gain insight into their vulnerable assets, operational challenges, and the necessity of the deployed solutions. This paves the way for prioritisation and decluttering, especially as many solutions require specialised expertise and may not translate across multiple environments.

Implementing a unified cybersecurity platform

A unified cybersecurity platform can help remedy challenges stemming from tool sprawl, streamline operations, and fortify the overall security posture – by delivering unparalleled visibility across the entire cyber defence.

Having real-time visibility across the entire security environment enables businesses to disrupt threats upstream in the kill chain before any damage occurs — ultimately, improving the likelihood of prevention. Automation further empowers SOC teams to swiftly monitor, analyse, and respond to incidents with greater efficiency and precision. As such, it is unsurprising that many businesses undergoing consolidation are prioritising extended detection and response (XDR) technologies.   

Advanced, AI-powered XDR platforms today are designed to transform threat hunting, detection, and response across cloud, endpoints, networks, as well as OT and IT environments. More importantly, they cater to security professionals at varying skill levels, which helps with the resource crunch most organisations are facing, given the global cybersecurity workforce is facing a severe manpower shortage of 3.4 million professionals.

To stay ahead of the latest tech trends, click here for DigitalEdge Section

Training simulations with real-time data visibility can also be integrated by harnessing immersive technology like the Internet of Things (IoT) and metaverse. This involves creating a single intelligent platform that incorporates both a virtual immersive sandbox and 3D mission room. Platforms like these not only collate data and automate incident responses through their sandbox; they also simulate incident scenarios through their 3D mission room. By implementing both proactive and reactive approaches, they can significantly improve efficiency in incident management.

It is imperative for security teams to undergo comprehensive skills training to effectively leverage these advanced technologies in mitigating cyber threats. This will enhance the team’s capabilities, as well as strengthen the organisation’s overall cyber resilience.

Developing a proactive posture

Underpinning the journey to platform-based security is the paradigm shift from a tactical and reactive mindset to a strategic and proactive cybersecurity posture. Businesses are encouraged to discard the traditional blanket approach of applying uniform measures across all systems, in favour of a more effective, risk-based approach.

Modern cybersecurity platforms embed this proactive thinking through capabilities such as attack surface risk management (ASRM) — the continuous discovery, assessment, and mitigation of risks across an IT ecosystem, from an attacker’s perspective. By offering real-time insights into anticipated threats and automated risk scoring, businesses are empowered to strengthen defences strategically, focusing primarily on critical assets and pre-empting emerging threats.

However, this also necessitates a cultural transformation within organisations. Just as the threat landscape continues to evolve, businesses too must stay ahead with their cybersecurity strategies. Ultimately, the blending of cutting-edge tools with a strategic mindset will deliver the agility and capabilities that businesses need to achieve true cyber resilience.

David Ng is the country manager for Singapore at Trend Micro. Siang-tse Foo is a senior partner of Cyber at NCS.

×
The Edge Singapore
Download The Edge Singapore App
Google playApple store play
Keep updated
Follow our social media
© 2024 The Edge Publishing Pte Ltd. All rights reserved.