Industry reports vary, but experts estimate that the modern CISO uses somewhere between 55 and 75 discrete security products. Vendors are often guilty of overpromising and underdelivering — the reality rarely lives up to the marketing. This puts CISOs in an ironic situation — often, the tool they bought to make their lives easier ended up causing more headaches.
This is an endemic issue, but what do you do when you have too many tools that integrate poorly, require different expertise, and provide too much data but not an overall view to the security risk level? Consolidation sounds attractive. After all, what CISO wouldn’t want to reduce clutter, cut costs, and simplify procedures — but where to start?
Begin with Data Quality
CISOs know there is no perfect solution for security. Clearly, multiple security solutions are needed to cover the security controls. However, CISOs should strive to maximize the value of each investment and reduce the number of tools. To cut through the noise and data coming from tools (specifically, those that identify…