The relation with Technology is strained in the world of cybersecurity for many reasons. While we are almost obsessed with solving the problems using some kind of technology, we realized that these solutions simply alter the model while the complexity remains or increases. Besides, digital transformation cycles are becoming more complex and evolving at more incredible speeds, and the fact remains that technology is equally accessible to the very people that we’re trying to stop.
If you went back 20 years ago, technology cycles lasted five years to a decade. Today, those cycles are getting shorter. A lot shorter. So, if you are in security, cloud, data analytics or any related positions, you’re facing new developments in a condensed period that can be as short as a few months. Due to the complexity, there is a considerable challenge to fully understand the technology and the impact, in addition to implementing that technology within your company.
In the past, if you were setting up a technology division in a company that focuses on something other than technology, it was much less stressful and much more straightforward. The applications, network, storage, infrastructure and security surrounding your data were much simpler to implement and more manageable in a centrally controlled manner. Now, every business must protect data in a significantly more complex and even ferocious environment distributed across multiple locations and clouds that are less controllable and more prone to attack.
The sheer size of the cybersecurity department has also increased over the past 20 years as a response to more resources being required to manage the growing number of solutions: SIEMs, firewalls, antimalware, identity and access control solutions and more. Additionally, threats have increased exponentially. In fact, Forrester has estimated that the average security-operations group gets more than 11,000 security alerts daily. So, having the time to maintain and operate data analytics solutions, as well as managing other operational requirements, can be difficult at best. Hence the increased reliance on technology.
No technology vendor can supply everything a company needs to be secure, and that’s where the technology myth begins to break down. Multiple vendors with multiple technologies have led to a complex technology portfolio relating to security. There is bound to be a human issue as a result. First of all, how do you put it all together? How do you manage it? How do you balance the art of cybersecurity with the science of architecture while managing the financial impact of it all?
People struggle to understand if a particular piece of technology is achieving specific objectives, leading to the fear that we must need it because it supports some aspect of our business strategies. We just don’t know because it’s so complex, and we’re afraid something will break if we remove it. Often, we don’t know if it’s doing anything at all. Instead of technology creating efficiencies, it’s convoluted and interconnected in an operational mesh that makes it fairly hard to analyze.
So that’s the central issue that we’re having with technology.
It feels like everybody has moved to colossal enterprise solutions. And everything has become so complicated with all the bells and whistles, but we’re starting to miss the real issues. The more complicated you make something, the harder it is to implement and operate.
Now imagine implementing this tech across larger companies that are continually engaged with multiple M&A deals each year. The question becomes whether the collective technologies from these companies are integrated, or do you now face an even larger patchwork of technologies that only add to the problem?
Our experience in these situations is that even years after they’ve acquired those companies, the technologies and systems are still very loosely integrated. They don’t feel like they are part of an ecosystem, never mind part of a planned strategic solution.
So, what can you do to manage the right cybersecurity strategy with the correct use of technology?
We believe that the best solution is to establish minimum viable service, and to do that, you need an underlying minimal technology stack to support those requirements.
Minimal technology stack simply explained
A minimal technology stack is something that is going to support what the company really needs, and nothing else. This means that you start with an absolutely minimal set of technologies that you support in your environment. This particular set of technologies is enough to deliver on whatever strategy you have established to meet your business objectives and reduce risk.
Let’s say that you have a car with a lot of features. When you upgrade the car, let’s say every 4 to 5 years, the new model comes with many new features. The features are even more complicated and overwhelming when you get into the luxury segment. But the question is, how many of those features are you going to use most of the time? Some features from your old vehicle will get upgrades, and you pay for those upgrades. But you’re only going to use those features one or two times during the entire use of your car.
Think about your sunroof, for example. Everyone wants one, and it’s wonderful in the summer, all the two times you use it. Much of the same thing is happening with technology. There are far more features than you will ever use, but you end up paying for and maintaining them anyway.
So, how can you establish a minimum viable service by implementing minimum viable technology? That’s extremely important. And if it’s not minimal, you already have a problem. It will start from the financial and skills perspective. Then it will quickly escalate into stalled projects, or worse – failed projects, because you have too many complex interdependencies that are delivering different things. This interdependency creates problems when you are updating or removing features.
Another aspect to consider is the small vs large world problems. A small world can be defined by a finite set of rules and parameters, hence it is more of a puzzle that can be solved, with no ambiguity how the component act in a specific event. On the other hand, a large world does not have a finite set of rules, and ambiguity is prevalent. A choice or an action in a large world can be “optimal,” but never “best.”
Malware operates in a small world setting, yet malware distribution operates in a large world setting with a lot of ambiguity from human action and sometimes by other events. When dealing with technology solutions, the rule of thumb is: if the problem is in a small world domain, it can be solved 100% by technology or a combination of technologies. That includes ML, AI, etc.
Yet if the problem escapes the small worlds into a large world domain, no combination of technologies, including AI, will solve it when facing ambiguity. It has a large level of uncertainty and a human component. It must be dealt with by focusing on humans’ interactions, eliminating the ambiguity, dividing the issue into a set of small world problems, and applying technical solutions to these.
That’s why digital transformation can only be achieved to a limited extent in larger companies. They cannot simplify their technology stack. Why? They’re not asking the right question, which is, do we even need that? Instead, they say we want something that is going to be easier and cheaper to operate. They need to say that can we please declutter and use less technology because the current technologies are not working for our needs.
When you declutter your technology, it’s less expensive, but it’s also going to mean that you can release some resources that can be reallocated to more strategic and productive work of stopping the real threats to your company.
Learn how we can help at Parabellyx.com.
Parabellyx are security-matter-experts who take a focused and business-aligned cybersecurity approach to developing strategies that accomplish your key business goals and objectives. We then train your entire organization in security, preparing you for any threat until a security mindset is entrenched across your entire company, protecting and ‘future-proofing’ your information, your employees, your customers, your shareholders and your reputation.