Diversification is often encouraged in investing in order to manage risk. The rationale: if your investments fail, you will have fallbacks since it’s highly unlikely for all of them to fail at the same time. Does this logic also apply to cybersecurity? The answer is no.
However, many still resort to using several cybersecurity solutions from different providers. Enterprises can still fail to realize the misconception of superiority in diversity in the context of security.
Complexity and inefficiency
Imagine running a separate software for antivirus protection, another for email scanning, one more for spyware removal, and so on. For enterprises, separate solutions for endpoint detection and response (EDR), user behavioral analysis (UBA), and network traffic analysis (NTA) may also be employed.
While some may think that the combination of solutions from various vendors brings the best of the best for the protection of the enterprise, the reality is that it results in a less than formidable setup.
For one, it is highly probable to have a redundancy of functions. Most antiviruses, for instance, come with a multitude of features including email scanning, password management, and even link scanning. It will not be easy to reconcile conflicting functions.
See: The Most Common API Vulnerabilities
Which ones should be deactivated (if they can be deactivated at all)? Which ones to be allowed to continue operating? Can ..
Support the originator by clicking the read the rest link below.
