We already know that complexity is the enemy of Cybersecurity. As the threat environment has grown more sophisticated, it is very likely that sophisticated organizations have responded to each new threat by adding new tools to their security stack.
I have always believed that "less is more" also applies in the Cybersecurity world. With all the challenging new threats we face today, we as Cybersecurity leaders should take control of our tools and environment and reduce complexity by leveraging fewer tools, so that they are more efficient and effective in daily use.
But how can we do it?
Based on my 13 years of experience, it is possible with the right approach and people. Here are my recommendations:
- Automation
  - Automate processes whenever possible, especially repetitive ones such as vulnerability remediation.
- Integration (but not consolidation)
  - Don't consolidate the tools, as "defense in depth" still applies in Cybersecurity.
  - Use JSON/XML to integrate the tools for measuring metrics.
- Orchestration
  - Invest in a centralized logging SIEM, which helps orchestrate and streamline the workflow.
- Using cloud for the cloud
  - Invest in modern cloud tools rather than using traditional tools to manage the cloud.
  - Then integrate both the new and old tools.
- Public Relationship Education
  - Invest in a strong team that can help communicate security updates and build trust with other organizations.
  - The team can also provide education for others and serve as a single channel for communication.
With modern infrastructure such as mobile apps, IoT, hybrid clouds and DevOps being added to our operating environment, we still need to ensure that Cybersecurity can grow faster and work smarter. The answer to this is to Simplify Cybersecurity, and the key to Simplifying Cybersecurity is to take a "less is more" approach.
Keep in mind that simplicity is the ultimate sophistication.