Cutting costs without impacting your security posture
When an economic slowdown looms, organizations are often forced to make difficult choices that reduce both risk and cost but position themselves to recover quickly as conditions improve.
No matter what cuts are made, security must remain stalwart, regardless of economic conditions. Security incidents negatively impact business, cost money to recover from, and can cause lasting damage to infrastructure or public reputation. Data breaches can have permanent, far-reaching impacts when they result in the loss of intellectual property or the leaking of personal information.
Optimizing the security strategy of an organization by finding efficiencies should not come at the cost of weakening the overall security posture. It is possible to control security spend, helping to reduce unpredictability overall. Here are three areas worth exploring to find efficiencies in your organization's security strategy:
1. Do you have too many security tools?
One study found that organizations had, on average, 45 security tools actively deployed. There is a range of reasons for this large number: for instance, an attempt to build defense-in-depth, the increasing complexity of IT systems, or the goal of closing off as many attack vectors as possible. Regardless of the reason, the fact is that more tools do not equal better security.
The relationship between the number of tools and security is often inverse: that same study found that organizations with 50 or more tools regarded themselves as 8% less prepared for an attack. And in another study, 40% of organizations were so overwhelmed by security alerts that they could not respond to 25% of them.
The reasons for this inverse relationship are myriad. It is difficult for staff to be trained and up-to-date on using so many tools. The tools may offer duplicate features — accompanied by duplicate blind spots. A plethora of tools means a plethora of vendors to contact when something goes wrong. Most of all, the preponderance of tools leads to a deluge of alerts that security teams have to deal with, resulting in alert fatigue.
Alert fatigue makes employees more likely to ignore security alerts. Responding to so many alerts detracts from overall productivity, and many of the alerts may be duplicates or false positives. Alert fatigue also makes it difficult to understand which threats are most pressing.
Compounding the exploding number of tools in use is the phenomenon of shadow IT. If company-sanctioned tools do not help employees get their jobs done, they may turn to unsanctioned tools. The total number of tools (including non-approved tools) in use may not even be visible to management, while approved tools may be lying there unused.
So, does your organization have too many security tools? Do you have the wrong tools? Where can you safely make cuts?
Get on-the-ground feedback from your security teams. What tools do they use most? What security alerts are most useful? What can they do without? Removing tools that aren't used or needed results in cost savings and increased efficiency.
2. Are you still investing in hardware?
While migrating to the cloud demonstrably results in savings over the long term, the cloud migration process can be costly and time-consuming early on. Ripping out and completely replacing hardware may not be feasible during an economic slowdown or a recession.
But even for businesses that retain mostly on-premise network infrastructure, any new investments in security should be in the cloud. For distributed denial-of-service (DDoS) mitigation, firewalls, load balancing, and network gateways, buying hardware is not a viable short-term or long-term option anymore. The time has come to move to a more flexible hybrid model instead of continuing to rely on hardware:
Investing in on-premise hardware exposes organizations to supply chain cost risks. Scarcity of materials, logistics challenges, and shipping delays can slow growth and send costs skyrocketing. Many organizations spent the last two-plus years experiencing just these challenges, as the COVID-19 pandemic and other factors drove up the cost of hardware and delayed shipping for months at a time.
On-premise hardware often leads to network traffic bottlenecks since it cannot scale on demand. And it may not be able to scale up to stopping the largest attacks anyway.
DDoS attacks are getting larger. In recent years, attacks of 2.54, 2.3, and 1.3 Tbps have been reported. In August 2021, Cloudflare disclosed it had faced and mitigated a DDoS attack of 17.2 million requests per second — and in June 2022, Cloudflare mitigated an attack of 26 million requests per second. DDoS attacks lead to downtime, which leads to financial losses: one survey found that the cost of IT downtime ranged from $100,000 to $540,000 an hour for most companies. Attacks of this size can easily exceed the capacity of on-premise hardware. Cloud-based security solutions, conversely, can simply scale up to meet these threats.
The cloud offers more flexible pricing models, enabling organizations to pay for what they use, instead of paying for hardware-based capacity that usually does not get used.
Consolidating in the cloud also offers the bonus of consolidating maintenance costs. The cloud vendor pays to maintain services, instead of a business absorbing the cost of constantly maintaining and updating hardware.
When an economic slowdown is approaching, it's time to stop ordering hardware and start investing in the cloud, particularly for cyber security.
3. Are you paying for point solutions?
Even for companies with largely cloud-based security services, the cost of paying for dozens of individual solutions quickly adds up, to say nothing of the interoperability issues that can arise between all these disparate solutions. Conversely, consolidating services like application security and Zero Trust in one platform can result in large total cost savings.
Look to work with vendors that bundle needed security point solutions in a broad, cohesive platform. In addition to saving on cost, this approach helps with mitigating the multiplying effect of having too many tools overall. In addition, such investments ease interoperability concerns. Tools from an integrated platform should be, by nature, compatible and interoperable. They should live within the same infrastructure for easy access and compatibility. Ideally, they can even be managed from a single dashboard.
Surviving economic slowdowns
Times of economic uncertainty often lead organizations to make impulsive decisions about cost-cutting. Preparing ideas for improving efficiency in advance can help check this impulsivity, ensuring that an organization can come out stronger, not weaker, from an economic slowdown. Now is the time to make your security strategy more efficient and more ready for the future by:
Reducing spending on unneeded security tools
Investing in the cloud where feasible
Consolidating tools into a flexible, broad platform
Cloudflare has put together resources to help organizations take control of their spending and turn economic uncertainty into opportunity.
This article is part of a series on the latest trends and topics impacting today’s technology decision-makers.
After reading this article you will be able to understand:
How to find efficiencies in security tools
The benefits of a consolidated platform over point solutions
Reasons for adding security capacity in the cloud