CISOs certainly face no shortage of new cybersecurity challenges, whether it’s the work-from-anywhere culture, ever-changing attack techniques, the cybersecurity skills shortage, or the sprawling number of security tools perceived as necessary to protect the enterprise.
Security vendor SyxSense recently conducted research that found a direct correlation between the number of security tools an enterprise has in place and the number of breaches they endure. “It’s not how you’d think,” says Ashley Leonard, CEO at SyxSense. “The more tools you have, the more breaches you have,” Leonard says.
Leonard hypothesizes that organizations with too many security tools deployed can’t effectively use those tools. “Finding the right tools to manage the environment is a major challenge for organizations,” he says.
Yet, organizations aren’t just facing a tools challenge; it’s also a people challenge. “There are so many demands on IT managers and CISOs today. And so, how do they simplify security and operations? How do they automate security and operations so that one can do more with the same number of people that one has today,” Leonard asks.
Unify security data
Leonard explains how SyxSense helps enterprises unify how they manage endpoint security by consolidating the security management for all endpoints and gathering security data within a single console. This, says Leonard, helps IT and security teams to streamline endpoint management and the safety of their devices. “We identify all the assets connected to the network or used in the organization,” he says.
That’s a crucial foundation because, for most enterprises, it is a challenge to understand what devices they have deployed. “We help organizations discover and bring all their IT assets under management. And provide unified endpoint management capabilities whether it's Windows, Mac, Linux, and even mobile devices such as iOS, Android, and even IoT devices,” he says.
With a firm foundation of deployed assets understood, Leonard explains how SyxSense next helps its customers to ensure that all endpoints are patched with the latest software updates. And while maintaining current patch levels plugs one of the primary entryways for attackers, it’s not the only entryway. Leonard explains that SyxSense also scans for poor configurations that could lead to a breach. Being a unified management and security platform, SyxSense can report on security problems for its customers and use the management engine to remediate security configuration challenges, which may include tasks such as shutting off unnecessary open ports or applying needed registry updates.
“You can't think about [security being] a hard shell like we used to think about security, such as how the firewall was protecting the organization [from the outside]. But inside, you had the soft center that was exposed. You must consider the security posture of all your devices and the relationship to where that device currently sits [in your environment].”
Perhaps that means prioritizing systems that sit near critical applications and data or securing endpoints differently depending on whether they are operating within the enterprise’s network or from a home wireless network. Either way, it’s about setting the correct security posture.
By George V. Hulme