News

Majority of Enterprises Deploying Redundant Security Tools

• By Chris Paoli
• 10/13/2021

Is having too much security a bad thing?

According to a recent study by Trend Micro, more than half of enterprise security operation centers have deployed redundant, unused and unnecessary security tools. This is causing an increase in overall stress levels for SecOps managers, according to the security firm. 

The report, titled "Security Operations on the Backfoot," interviewed 2,313 IT security decision makers from 21 countries and found that more than half of the organizations represented (51 percent) are not using the security tools, like antivirus and advance monitoring software, currently being used in their environment.

When asked why, Trend Micro found the following reasons why these tools are going ignored:

• Lack of integration (42 percent of respondents)
• Lack of skilled professionals (39 percent of respondents)
• Difficulty understanding how to operationalize them (38 percent of respondents)
• Out of date (37 percent of respondents)
• Don't trust them (20 percent of respondents)

"Tool sprawl is increasingly common in global organizations of all sizes, but when it comes to incident detection and response, there's a growing but sometimes unacknowledged cost associated," said Bharat Mistry, Trend Micro's technical director.

This cost can include the financial burden of the licensing price and the cost in maintenance and patching. The report said that many are "stressed to the point of burnout" due to trying to juggle multiple solutions -- many of which are seen as completely unnecessary for their environment.

Tool sprawl is just one symptom of IT security pros feeling burned out, according to the report. Trend Micro pointed to the growing trend of SecOps managers becoming unhappy and stressed out due to the rise of ransomware as another factor. According to the report, 51 percent said they are "drowning in alerts," with even higher averages for industries like real estate (70 percent), legal (69 percent and hospitality (65 percent).

The sheer amount of alerts are causing many security experts to fall into bad habits that can affect network safety. According to the report, 40 percent admitted to ignoring alerts to work on something else, 43 percent said they walk away from the computer when feeling overwhelmed, 43 percent admitted to turning off alerts and almost half (49 percent) said they just assume alerts are false positives.

Among the growing rise in tool sprawl and increase in ransomware, Trend Micro identified other factors that have been contributing to SecOps burnout, including:

• Insider neglect due to the increase in work from home policies. The report found that employees are more willing to engage in risky behavior, like downloading confidential data to unauthorized apps, when working from home.
• Loss of collaboration and teamwork for SecOps members. Many respondents said that remote landscape has hurt the productivity of their security team that had been used to working close together in a centralized location.
• Rise of legitimate tools as attack vectors. Attackers are relying on more legitimate avenues for data exfiltration, like system tools and features, to perform attacks that are hard to spot.