Improving Security Outcomes While Balancing the CISO Budget

CISOs must continually do more with limited financial and human capital. This challenge is becoming more difficult as the attack surface expands, and as cost optimization becomes more critical.

To this end, a majority of security leaders (61%) report that outcome-based objectives are helping them better allocate security spending, according to the Cisco 2020 CISO Benchmark Report. Use of this method is up 10% from the 2019 survey.

What does this mean in practical terms? To achieve sought-after outcomes, organizations should:

1) Find investment balance across their security technology portfolio;

2) Achieve the visibility necessary to proactively respond to threats and incidents

Consolidation and Integration Provide Balance

The Benchmark respondents reported a somewhat similar spread among the core cybersecurity capabilities — identify (27%), protect (25%), detect (18%), recover (15%), and respond (14%). Compared with last year’s results, there was greater spend on identification, protection, and detection technologies. It would make sense to say that investments in these categories will lessen the need to respond and recover.

Yet, balance isn’t just about spend. Companies should also seek equilibrium through greater integration across the security portfolio.

“The market is continually looking for a more integrated suite of solutions to support their security initiatives,” said Steve Martino, CISO at Cisco. “While there are numerous options available, one way to approach this is through vendor consolidation.”

This trend to reduce complexity through consolidation is gaining popularity; 86% of security leaders in the CISO Benchmark Report said they’re using between one and 20 vendors, up from 79% in 2018.

Martino says consolidation can be accomplished by first identifying solutions that “integrate out of the box — that’s the fastest and most cost-effective way to get comprehensive security,” he said. “Then, any solution we add must have APIs to allow integration within our ecosystem that enable us to respond at machine-speed and not people-speed.”

Tying Everything Together with an Integrated Platform

A balanced, integrated approach can be achieved with a cohesive platform that offers robust security organization-wide. When all the pieces fit together, companies can more easily see and measure their security posture.

“To deliver a safe and secure IT environment, CISOs need complete visibility into the entire data collection platform,” Martino said. “You must be able to see irregular or trending patterns in real-time to mitigate and manage the known error. And that data must be instrumented — in other words, make certain you have the processes and procedures in place to minimize the threat exposure.”

The right security platform will offer this visibility, along with a consistent experience to strengthen security posture — without having to replace existing solutions or add new layers of technology. For example, it should integrate threat information with automation tools so that security teams can quickly automate an action to block a domain or a file.

Such a platform also helps CISOs to overcome the obstacles of limited budgets and over-burdened security teams, while still protecting the business. 

To learn more about how a simplified platform improves security outcomes, visit: https://www.cisco.com/c/en/us/products/security/securex.html.

Comments are closed.