Morphisec Cybersecurity Blog

Why Less Can Be More When It Comes to Cybersecurity

Written by Daniel Petrillo | March 3, 2021 at 3:00 PM

When it comes to cybersecurity, more investment doesn't necessarily mean more protection. Even though the cybersecurity market grew by over 10 percent annually before 2020, last year still saw a record amount of damage done by data breaches. While the threat landscape has undoubtedly evolved in recent years, the array of defense solutions available to organizations has multiplied too.

The takeaway from this discrepancy is that more spending appears to be achieving less security. The resulting paradox also highlights a pertinent problem: companies are pointing their cybersecurity budgets in the wrong direction. 

Organizations frequently end up building complex security stacks thinking that more solutions equate to better security. Unfortunately, while the average CISO can point to anywhere between 35 and 65 different security technologies in their environment, complexity does not mean safety. Instead, overly complicated security stacks can increase vulnerability by hiding critical security weaknesses while simultaneously draining vital organizational resources.

Overly Complicated Security Stacks Incur a High Cybersecurity Cost

The problem with the growing complexity of cybersecurity solutions isn't just that companies are wasting money. Complex solution stacks also take a significant toll on increasingly scarce human resources. Having too many solutions often does more harm than good because, even for the most advanced "next-gen" security solutions, a human being still needs to sort urgent threats from false alarms. 

As such, the natural result of deploying an overly complicated array of solutions is more data for cybersecurity professionals to sift through. Ultimately this "noise" will create alert fatigue for the teams tasked with analyzing it, whether those are security teams or IT teams. This, in turn, leads to a negative chain of consequences for your security posture. Faced with a barrage of false threat alerts, organizations are highly likely to reduce the sensitivity of their solutions to the point where the level of protection is minimal. Consequently, real threats end up ignored. That organizations take an average of over 280 days to discover a data breach is testament to this issue.

The genuine strain that complicated security stacks create for IT teams is also a significant contributor to burnout and reduced tenures for key staff. With over 70 percent of cybersecurity professionals claiming that a cybersecurity skills shortage impacts their organization, enterprises cannot easily afford to burn out their security teams. 

A Simplified Approach to Cybersecurity Makes Business Sense

If deploying dozens of third-party security solutions made organizations safer, they might justify the investment in time and money they require. However, even the most advanced "next-gen systems" and security stacks are often useless against modern malware that bypasses them entirely.

Unknown attacks, because they're unlike anything else currently in use, can bypass even the most sophisticated endpoint security solution, turning complex security stacks into white elephants. In just six months in 2019, the frequency of fileless attacks, the most common form of unknown attack, increased by over 250 percent, making defense against them an organizational imperative. However, with most solutions failing to protect against these kinds of attacks, adding yet more solutions to your security posture is not the answer. After all, when your defensive posture is built on a foundation of sand, it doesn't matter how elaborate the ramparts are.

Instead, a leaner approach to cybersecurity is required. Faced with the next generation of threats, organizations need to move away from patching weaknesses with ever more solutions. It may sound elementary but reexamining cybersecurity stacks and deploying only solutions that work is key to getting a real return on cybersecurity investment. Ultimately this means simplification. As part of a proactive approach to cybersecurity, simplifying your cybersecurity solution stack can reduce costs and make your organization more secure. 

Leveraging OS Native Controls Should Be a Cornerstone of Your Security Posture

Taking a proactive approach to cybersecurity is about more than just deploying the right security solutions. However, reassessing your AV setup is an excellent place to start. An effective antivirus solution provides the foundation of a strong security posture. That doesn't mean that organizations need the latest third-party solution, though. Instead, effective AV protection can come from the oft-overlooked OS-native control, Microsoft Defender.

While in the past the performance of Microsoft Defender certainly lagged behind its third-party alternatives, today Defender is one of the most effective AV solutions on the market. Gartner recently ranked Microsoft as a leader within four Magic Quadrant reports, and Microsoft Defender is now regarded as equal or superior to any paid alternative currently available. Nonetheless, just like every other antivirus solution, OS-native controls cannot defend against fileless or in-memory attacks.

However, by leveraging OS-native solutions with Morphisec, enterprises can acquire a two-step combination that neutralizes the threat of advanced, fileless, and in-memory attacks. While Microsoft Defender keeps known file-based threats at bay, Morphisec's deterministic protection uses a zero-trust runtime solution powered by moving target defense to keep threat actors deploying unknown and fileless attacks in the dark. Together with Morphisec, OS-native controls increase security while at the same time reducing cybersecurity costs.

Final Thoughts

Faced with a growing onslaught of cyber threats, organizations have naturally spent more time and money bolstering their defenses. Regrettably, much of this effort goes into the wrong areas. Rather than increase protection, cybersecurity expenditure is too often used to deploy a smorgasbord of solutions that create more stress than security.

Against the rise of fileless malware, constrained budgets, and the need to retain cybersecurity talent, wasteful security stacks have no place in the modern enterprise. More than ever, organizations now need to drive actual ROI from their cybersecurity efforts. The key to doing this is taking a proactive security approach that builds off a simplified security stack and leverages OS native controls. For organizations struggling under the weight of complex cybersecurity stacks, fewer solutions means more protection.