What’s your biggest frustration with your current cybersecurity tools? (don’t need to name names, just generally speaking)


Director, Security Operations in Telecommunication, 501 - 1,000 employees
Our 24x7 MDR service - 90% false positives and poor ticket system integration.
Director, Information Security in Education, 1,001 - 5,000 employees
A lack of integration with key non-security systems.

For example, the ability to link our SIEM to our asset management system for a quick look at the info in there would speed up response time and the ability to make informed decisions.
CIO in Manufacturing, 1,001 - 5,000 employees
While the most important features work, the business value dashboards are not usable directly for board presentations and need quite a bit of work to translate real value. The dollar benefit articulation is still not great.
General Partner in Software, 2 - 10 employees
A common frustration I hear from security executives is the low signal-to-noise ratio across the security stack causing alert fatigue. A well-integrated security orchestration tool/layer seems to have demand in the market. 
Director of Information Security in Energy and Utilities, 1,001 - 5,000 employees
James mentioned above a lack of integration with non-security systems. I have difficulty integrating the security tools to improve their effectiveness. This is where the 80-20 rule works for me. If you can consolidate tools under one vendor, it tends to work better because they've done the integration work already. We might not get the best-of-breed solution with this approach, but it works better overall.

In addition, I also notice that we barely utilize the tools. Conduct an inventory and ask what percentage of each of them you are using. Spend time increasing it instead of buying a new one.
CIO in Education, 1,001 - 5,000 employees
There are almost too many of them, a lot of which do very similar things. Sifting through all of the sales rhetoric and being able to find the actual problem or risk that you're trying to address is the biggest frustration with the tools and the process of acquiring/implementing them.
CIO in Services (non-Government), 201 - 500 employees
Too much noise and too few actual actionable positives. Also, far too many steps involved in getting the information that we need out of the numerous streams of incoming information.
Director of IT in Software, 201 - 500 employees
False positives are the biggest frustration, especially if they are very common or continue to happen after you whitelist processes/activities reported as false positives.
On the general side, I'm not fond that almost all cybersecurity vendors make extensive use of buzzwords like AI, ML, and DL. When you get into deep technical conversations with their engineers about how those technologies are used, how they differ from their competitors, etc., you don't get straight answers, which leads you to believe they are just buzzwords. Not all vendors are like that, but I see more and more that use fancy advertisements, which decrease your trust in those brands/vendors.
CTO in Software, 201 - 500 employees
Lack of integration in the broadest sense.
Director of Information Security in Energy and Utilities, 1,001 - 5,000 employees
Too many tools and most are underutilized.  
