SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Businesses throwing money at nothing over cybersecurity stack
Wed, 27th Apr 2022
FYI, this story is more than a year old

Infrastructure and licensing costs are deeply concerning for businesses looking to consolidate cybersecurity tools and make a move into the cloud, according to findings from a recent poll from Logpoint.

The poll revealed almost a third of respondents believe they are throwing money at nothing when it comes to their existing cyber security stack.

The poll was issued on Twitter over 3 days and targeted cybersecurity and IT professionals to uncover the security and cost implications enterprises face with their existing IT infrastructure and the overwhelming number of solutions and applications.

When questioned on their feelings towards their existing cybersecurity technology stack, 32 percent admitted feeling as though they were throwing money at nothing, with a further 17 percent stating that it was too time and cost consuming. Worryingly, 27 percent also said it was overwhelming and a further 23 percent said they were at a tipping point with their current technology.

"Today's enterprises face an increasing number of challenges on their IT infrastructure, with a growing workforce across numerous locations and huge amounts of data to manage," says Andrew Lintell, Logpoint VP for EMEA.

"If ever there was a lesson to be learned, the COVID-19 pandemic certainly highlighted the importance of investing in the right business tools and technologies," he says.

"While some had to scale up, others had to scale back costs and reduce expenses to make up for lost revenue. These findings highlight that sentiment and the drastic need for businesses to get to grips with their existing infrastructure and the host of tools they are operating."

When questioned on where they think cost savings can be made in consolidating cybersecurity tools/solutions, 45 percent of respondents said reducing infrastructure would offer the biggest cost-saving, followed by removal of duplicated and unused tools (29%) and reducing analyst training (27%).

"With all the security products organisations have installed, sometimes up to 70 different solutions, and the money invested, they still remain vulnerable to cyberattack," says Lintell.

"Buying more solutions doesn't solve the problem and often results in duplication or crossover of tools and processes or solutions going unused. Businesses need to change tack and take up a more holistic and consolidated approach to cybersecurity."

When it comes to expense, this was also highlighted as the biggest concern with software licensing in the cloud, with 39 percent saying it was too expensive, and 24 percent noting unknown future costs as a cause for concern. Lock-in or lack of control with software licensing was flagged by 22 percent as an issue also, along with a lack of user-based licensing options over usage-based (14%).

"The cost of licensed software in the cloud is still a big blind spot for many businesses and can far exceed the cost of the cloud infrastructure itself," says Lintell.

"Without a complete picture of all of the costs particularly those associated with usage rather than based on the number of users, risk ballooning costs," he says.

"While security leaders may have the funds to buy multiple security solutions, they often do not have the expertise (or time and resources) to leverage the products feature set. Consolidation of capabilities, unified instrumentation and automation will minimise the time it takes for security teams to detect, orchestrate and respond to cyber incidents, and ultimately result in cost savings and limit wasted budget on unnecessary solutions."