Is there such a thing as having too many security tools?

Anonymous Author
The various parts of our security tool set don't really talk to each other and they're all on different upgrade cycles. We need to put more pressure on the vendor community to quit making us hobbyists. Stop coming up with point solutions. Give me a real solution, not a tool that is a component of a solution. We're technology people so we tend to drive into the tools a little early. Our clients are getting all these alarms and alerts, but they get so many because they don't have any thresholds set for the ignore factor. If you're getting blasted with alert smog, there are so many alarms that you don't pay attention to them anymore. But some of those alerts are for real threats. There's a signal-to-noise ratio to get filtered out, but how do I do that?
1 upvotes
Anonymous Author
In the security rainbow, at the bottom are the mission-critical assets, and they’re surrounded by data security, application, endpoint, network, perimeter security, prevention, operations, etc. There's not one solution or one framework that you can follow to meet all of these criteria and reduce your risk. We've been seeing these security incidents for years, and it's just history repeating itself over and over again. I'm waiting for some innovative startup to come along and fix a good portion of the rainbow. We need to figure out the best way to approach zero trust without overdoing the tool situation to detect everything.
2 upvotes
Anonymous Author
Today there are 15-20 different locations for our data. There is value in tying them together and analyzing that information, drowning out the noise to pick up the signals, and correlating the signals from your market conditions to what you are selling, therefore improving your offerings. But how does the analyst come in? What is the right setup as you start bringing in information into the data lake? What is the right level of access when our data lake has information from—in our case—roughly 130 different applications that we pump information through?
2 upvotes