AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.


You Can Resist the Temptation of the Shiny New Tools

Welcome to the first blog in our special series, Mitigating Gartner’s Network Security Worst Practices.

In this blog I’ll discuss my thoughts on Gartner’s “Shiny New Object Syndrome”[1] worst network security practice, and suggest some best practices that will help you avoid succumbing to the siren call of the shiny and new.

Driven by market hype, many IT security pros and their CISOs believe that they must have the latest and greatest new tools to win the battle against cybercrime. But just look at one of the most discussed breaches of 2014. Target had a variety of tools and services already in place to detect and potentially block attacks. These existing tools did sound the alarm. But the company was too focused on its investment in new tools, instead of paying attention to its existing tools. This came back to bite them and millions of their customers, whose records were stolen.

Target is not alone: most companies don’t need to invest in yet another shiny new technology. In fact, according to leading industry research, upwards of 95% of breaches can be prevented by better managing existing technologies and making sure you cover the “security basics”, such as removing unused firewall rules, ensuring systems are patched, removing unnecessary admin rights, etc. – all tasks that AlgoSec’s automated security policy management suite can help you with.

As Gartner says in Avoid These “Dirty Dozen” Network Security Worst Practices, “changes to policy/process, leveraging an existing technology and/or simply waiting will achieve a similar impact. In many instances, avoiding acquiring new products can simplify the technical environment and reduce operating expenditure/capital expenditure.[2]”

Furthermore, it’s important to note that only a handful of attacks (which are disproportionately amplified by the media) really use sophisticated attack tactics that the “shiny new toys” can help protect against, and most organizations are not a target for those types of attacks.

In fact, these tools can do more harm than good. First, precious IT time is needed to learn, deploy and adapt these new tools to your environment – time that could be better spent on maximizing the benefits of your existing tools. Second, as with Target, these new tools will likely overload your staff with even more alerts and anomalies, and your already overwhelmed staff may not have the skills and certainly not the time to analyze, prioritize, and address them.

So focus on what you already have first, and invest your time and expertise in covering your security basics, and optimizing your existing security technologies, processes and people. With a little polish and attention, your current tools will work even better than the “technology du jour”.

About the Mitigating Gartner’s Network Security Worst Practices Blog Series

In this special blog series we’re taking a deeper dive into the network security worst practices identified by Gartner, and are examining how each of the 9 worst practices that we specifically address can be mitigated using automated security policy management.

Check back soon for our blog post on The Culture of No.


[1] Source: Gartner, Avoid these “Dirty Dozen” Network Security Worst Practices, by Andrew Lerner, Jeremy D’Hoinne, January 8, 2015.

[2] Source: Gartner, Avoid these “Dirty Dozen” Network Security Worst Practices, by Andrew Lerner, Jeremy D’Hoinne, January 8, 2015.
