Enterprises struggle with security monitoring ‘tool sprawl’

Enterprises have on average 29 security monitoring tools in place, complicating security operations center (SOC) efforts to prioritize alerts and manage cyber risk effectively. Those defending organizations with more than 10,000 employees typically have around 46 such tools, many of which go unused, underused, or otherwise forgotten.

That’s according to a new survey from Trend Micro released today, which found that tool sprawl is increasingly common in incident detection and response and can lead to high associated costs. “Not only do organizations have to pay for licensing and maintenance, but SOC teams are increasingly stressed to the point of burnout trying to manage multiple solutions,” Trend Micro technical director Bharat Mistry said in a statement. “Being unable to prioritize alerts may also expose the organization to breaches. It’s no surprise that many are turning to SOC-as-a-service,”

Cybersecurity attacks are on the rise, leading companies to devote an increasing amount of capital to their IT budgets. Cybercrime is up 600% since the start of the pandemic, according to PurpleSec, with the average time to identify a data breach climbing to 207 days. Canalys expects that cybersecurity investments will increase 10% worldwide as a result; in the first half of 2021 alone, investors poured $11.5 billion in venture capital into cybersecurity startups.

Lack of preparedness

Trend Micro, which interviewed 2,303 IT security decision makers for the survey, reports that over half of companies (51%) no longer use many of their monitoring tools due to a lack of integration and trust in the tools. Thirty-eight percent of respondents said that they don’t know how to operationalize the tools, while 37% said that they were extremely out of date.

Of those surveyed, 39% cited a lack of skilled professionals as a barrier to wider monitoring tool usage. This reflects the industry’s worsening cybersecurity skills shortage. A recent International Information System Security Certification Consortium study pegged the number of unfilled cybersecurity positions around the world at 4.07 million.

Due to the challenges, 92% of respondents told Trend Micro that they’ve considered managed services to outsource their detection and response capabilities. More than half — 55% — admit that they’re not confident in their ability to prioritize and respond to security alerts, with 70% saying that they’re “emotionally overwhelmed” by security alert volume.

Unfortunately, current blockers are likely to be exacerbated as malicious actors increase their attack volume. By the end of 2021, cybercrime is expected to cost the world $6 trillion — a figure that could climb to $10.5 trillion by 2025. This year and beyond, it’s estimated that businesses will fall victim to a ransomeware attack every 11 seconds as ransomware damage costs alone rise to $20 billion, a 57 times increase compared with 2015.