We love tools. If there’s a job to do, there must be a tool to do, and we’re happy to buy it.

But is that a great approach to cybersecurity?

The research says no. In fact, a 2020 IBM study that surveyed almost 3,500 security professionals found that despite the average corporation owning more than 20 cybersecurity tools (and a third owning more than 50!), more tools actually equals worse security.


"First of all, you want these tools to talk to each other, so you need to connect them together. Sometimes they do, and sometimes they don't, in which case you need to get another tool to connect them together. Then you need to configure them, you need to manage them, and you need to maintain them. And as you can imagine, that creates an enormous amount of work for CISOs, who are turning into systems integrators, which is not their role."

That sounds like a lot of work, which takes a lot of time, which is exactly what CISOs don’t have an overabundance of.

The solution is not to add tools but subtract tools. And to weave the right tools and the right people into a coherent and comprehensive system that provides 360-degree security.

In other words, an integrated suite.

For corporations that have standardized on Windows and other Microsoft tools, many are finding a Microsoft 365 E5 license to be the answer.

"Most CISOs are trying to consolidate tools to the lowest possible number. Microsoft has come up with an E5 license that many of our customers are using. I was talking to a customer last week and he mentioned that just migrating to the E5 security license is enabling him to consolidate 35 tools into one … and address about 95% of his security needs."

That includes unified functionality like Microsoft Defender for endpoints, identity, cloud, and Office, but also Microsoft Sentinel SIEM. Plus the ability to protect data, audit devices on your network or connected to your services, and manage security policies centrally.

"And so this person was not only super happy that they had a lot less complexity to manage, but also it enables them to work with a partner like us who is expert at the Microsoft set of tools. You get somebody who really understands not only the Microsoft security tools, but also understands the Microsoft attack surface, which is essentially the operating system for many companies."

Ultimately the goal is not buying tools, but building an ever-evolving and improving security infrastructure within which your company can run its business, produce its products, serve its clients, and manage its risk.

And that is achieving security maturity.

"Not only is it about managing those tools, but it's understanding your attack surface and how it evolves over time and having real-time visibility of your risk factors, of your capabilities, of your infrastructure."

Nothing’s perfect, and there’s no such thing as the impenetrable corporation. But the right tools in the right number – with the right expertise and monitoring – can help CISOs face a fairly daunting future with confidence that they are doing all that can be done to secure their companies.

And not just buying yet another tool.

Get our latest report

Enjoyed this post? Get our latest report on managed detection and response: The perfect storm: Why MDR is your only option in modern cybersecurity.

Covid, work from home, and bring-your-own-device have expanded our threat envelopes 1000X. Download this report to get insight on:

  • How fast real-world problems are growing
  • Why attack surface area is spiking
  • Why everything is now cloud (even on-prem)
  • Why tools aren’t the answer by themselves
  • How the most successful organizations are now protecting themselves