Unconsidered benefits of a consolidation strategy every CISO should know – Source: www.cybertalk.org

Pete has 32 years of Security, Network, and MSSP experience and has been a hands-on CISO for the last 17 years and joined Check Point as Field CISO of the Americas. Pete’s cloud security deployments and designs have been rated by Garter as #1 and #2 in the world and he literally “wrote the book” and contributed to secure cloud reference designs as published in Intel Press: “Building the Infrastructure for Cloud Security: A Solutions View.” 

In this interview, Check Point’s Field CISO, Pete Nicoletti, shares perspectives around cyber security consolidation. In our complex threat landscape, consolidating security can increase efficiency and enhance threat prevention capabilities. Discover the advantages and challenges associated with a consolidated approach and leverage these insights to make informed decisions pertaining to your strategy. Don’t miss these valuable insights.

How are CISOs currently building out or transitioning their information security programs? What kinds of results are they seeing?

In challenging times, CISOs are looking closely at their tool sets and seeing if there is overlap, or redundant tools, or underutilized tools. CISOs are also evaluating their “play-books” to ensure that the tools in-use are efficient and streamlined. CISOs are also keen to negotiate ELAs that give them lower costs with flexibility to choose from a suite of tools to support the “speed of business.”

Security teams need to be trained and certified on their tools in use, and those budgets are under pressure. All these drivers lead to tool consolidation projects. Our customers are frequently very pleased with the normally mutually exclusive benefits: Costs savings and better efficacy, once a consolidation program is launched.

What are the key considerations for CISOs in deciding on whether or not to consolidate information security solutions? Can CISOs potentially lose capabilities when consolidating security and if so, how can this be addressed, if at all?

Losing features when consolidating is a valid concern, however, typically we find more advantages after consolidation: Lower training costs, higher staff satisfaction, fewer mistakes made, and the real gem; higher security program efficacy. We also see our customers leveraging the cloud and needing to extend their security protections quickly and easily, and our Check Point portfolio supports this using one console. With all the news about our peers contending with exploited security vulnerabilities and other challenges, Check Point is continuing to gain market share and supporting happy customers.

How should CISOs go about deciding on whether or not to consolidate cyber security? Beyond cost, what should CISOs think about?

The number one consideration should be efficacy of the program. CISOs are realizing that very small differences in efficacy lead to very large cost savings. The best security tool for the job should always be selected knowing this. An inventory of tools and the jobs they are doing should be created and maintained. Frequently, CISOs find dozens of tools that are redundant, overlap with others, add unnecessary complexity, and that are poorly deployed or managed and not integrated into the program. Once the inventory is completed, work with your expert consultant or reseller to review and find redundancies or overlaps and kick-off a program to evaluate technical and cost benefits.

What can organizations achieve with a consolidated cyber security solution?

As mentioned previously, the number one goal of the program should be improving efficacy and our customers do report this. Efficacy lowers the number of false positives, lowers the number of real events and decreases overall risk. Other savings are found with lower training costs, faster run book execution, fewer mistakes and the ability to free up security analysts from wasting time on inefficient processes. Those analysts can now be leveraged into more productive efforts and ensure that the business growth and strategies are better supported.

As a seasoned professional, when you’ve worked with CISOs and security teams in moving to a consolidated solution, what’s gone right, what’s gone wrong, and what lessons can you share with newbie security leaders?

Any significant change in your tool set needs careful consideration and evaluation. Every new tool needs to be tested in lab and moved, as appropriate, into production. You need to find all the gotcha’s with any new tool going inline before they cost impact.

Don’t rush this testing step! Ensure that you have good measurements of your current program so you can easily determine improvements with new tools or consolidation efforts.

If CISOs decide against consolidation, how can they drive better value through existing solutions?

Ensure that the solutions you are using are fully deployed and optimized. We frequently uncover many tools that are underutilized and ineffective. Sit with your staff and watch their work. If they are cutting and pasting, logging into and out of multiple tools, not having the time to address every alert, or are making excessive mistakes, it may be time to have Check Point come in and do a workshop. Our very experienced team will review the current program and provide thoughts and ideas to improve the program. Even if consolidation is not selected, other findings may help improve the program!

Are there any other actionable insights that you would like to share with cyber security leaders?

Every security program is different, and your challenges are unique. But, you can’t know everything, so, consider working with your trusted partners and invite Check Point in to do a free discovery workshop. Cloud maturity, consolidation program consideration, Zero Trust program formulation, and many others are available. As a CISO, you may have some initiatives that need extra validation, and we are standing by to help propel your program.

To achieve an even stronger cyber security posture, be sure to read Check Point’s whitepaper: The Case for a Prevention-First Approach.

Lastly, to receive cutting-edge cyber security news, the latest best practices, expert analyses and outstanding interviews in your inbox each week, please sign up for the CyberTalk.org newsletter.