Is there such a thing as having too many security tools?

Strategy & ArchitectureSecurity & GRCSecurity Strategy & Roadmap+7 more
1.4k views5 Comments
Managing Partner in Services (non-Government), 11 - 50 employees
The various parts of our security tool set don't really talk to each other and they're all on different upgrade cycles. We need to put more pressure on the vendor community to quit making us hobbyists. Stop coming up with point solutions. Give me a real solution, not a tool that is a component of a solution.

We're technology people so we tend to drive into the tools a little early. Our clients are getting all these alarms and alerts, but they get so many because they don't have any thresholds set for the ignore factor. If you're getting blasted with alert smog, there are so many alarms that you don't pay attention to them anymore. But some of those alerts are for real threats. There's a signal to noise ratio to get filtered out, but how do I do that?
1
CISO in Software, 51 - 200 employees
In the security rainbow, at the bottom are the mission-critical assets, and they’re surrounded by data security, application, endpoint, network, perimeter security, prevention, operations, etc. There's not one solution or one framework that you can follow to meet all of this criteria and reduce your risk.

We've been seeing these security incidents for years, and it's just history repeating itself over and over again. I'm waiting for some innovative startup to come along and fix a good portion of the rainbow. We need to figure out the best way to approach zero trust without overdoing the tool situation to detect everything.
2 2 Replies
Managing Partner in Services (non-Government), 11 - 50 employees

You could spend your entire IT budget on security tools. Most CIOs I know complain that I keep adding more security tools, but I never take anything out. You end up laminating over this stuff and the tools are tripping over each other and their update cycles are wrong.

The VC community is still pumping lots of money into point solutions in the security space, that's the problem. Because they're playing for an exit strategy of an acquisition by somebody bigger: “let's make some cool, niche thing so somebody will buy us.” And then they have a hodgepodge of things that don't work together. Security has been a big thing for the last 10 years and I haven't seen anybody come up with the “all-singing all-dancing” solution, or even architecture for one.

Head of IT Business Applications in Software, 501 - 1,000 employees

That's a good point. And that's been a problem in all of IT, not just security.

2
Senior Director, Business Intelligence and Data Management, 10,001+ employees
Today there are 15-20 different locations for our data. There is value in tying them together and analyzing that information, drowning out the noise to pick up the signals, and correlating the signals from your market conditions to what you are selling, therefore improving your offerings. But, how does the analyst come in? What is the right setup as you start bringing in information into the data lake? What is the right level of access when our data lake has information from—in our case—roughly 130 different applications that we pump information through?
2

Content you might like

We are about to embark on ECC to S/4HANA migration, and SAP is pushing us strongly towards RISE. They delivered a business case for us, and they are presenting cases of successful RISE migrations. On the other hand, our experience with handing over any support or project execution to SAP (e.g. BTP or SAC Cloud Foundry migrations, Success Factors and Ariba configurations) in the last 2-3 years has been very negative. Can anyone with hands-on experience with RISE share their journey? Contrary to what SAP is showing us, I am interested in challenges and complications that may arise in project execution, particularly in the quality of support they provide during the migration and in BAU. 

Enterprise Resource Planning (ERP)Enterprise ApplicationsIntegrations+17 more
1.8k views3 Upvotes

What are some ideas to keep up team morale remotely? Are there specific or structured adjustments you've made to counteract burnout/keep up productivity and mental health?

People & LeadershipProcess ManagementTeam & Organizational Design+9 more
Community User in Software, 11 - 50 employees

organized a virtual escape room via https://www.puzzlebreak.us/ - even though his team lost it was a fun subtitue for just a "virtual happy hour"
10
Read More Comments
10.8k views26 Upvotes63 Comments

Do you trust the data & reports from the big analysts?

Strategy & Architecture

Yes41%

No15%

Sometimes42%


8249 PARTICIPANTS
71.9k views166 Upvotes58 Comments

What is the best work travel advice you’ve ever been given?

FeedbackPeople & Leadership
Founder, Self-employed
Work travel is a privilege. Embracing your experience to meet new people, and see the beauty of nature and culture wherever you go.
19 5 Replies
Read More Comments
74.3k views71 Upvotes42 Comments

Which components of the Oracle Database environment do you plan to move to the cloud? (Select all that apply)

CloudApplications & PlatformsData & Analytics+7 more

Production45%

Backup64%

Replication34%

Non-production DBs (Dev, Training, QA, etc.)31%


213 PARTICIPANTS
1.3k views1 Upvote