The cybersecurity vendor market space has grown significantly. As an MSP, you’re likely inundated with calls about the latest technologies. There's a nearly limitless menu of options to secure your clients’ environments—how do you know which tools to choose?
As threat actors continuously orchestrate new ways to attack, companies began adding individual products to address each emerging risk. These limited-function products, known as point solutions, lead to "stack bloat."
Every so often, it’s essential to set aside time to ask whether these tools are getting the job done. If your tools aren’t generating the value you’d hoped, or if your suite has become unwieldy and hard to manage, assess your cybersecurity stack. Before we discuss how to do that, let’s explain how assessing your stack benefits you.
Optimize your cybersecurity stack.
For MSPs delivering managed security, having too many tools will lead to lower margins, exhausted staff, and may even put your clients at heightened risk of attack. Get our top tips for an optimized stack.
Download now
3 reasons to assess your cybersecurity stack
Minimize unnecessary costs
It’s completely normal for MSPs to use multiple cybersecurity solutions to protect their clients’ threat surfaces. After all, no two threat surfaces are the same. However, there’s a tipping point. There is such a thing as too many products.
You must carefully and thoughtfully plan your cybersecurity toolkit. Choose each product based on client needs and your available resources. Otherwise, you may mistakenly add a solution that delivers capabilities you already have, causing you to pay more for functionality you didn't need.
What's more, redundant tools lead to major inefficiencies. The volume of threat alerts from all these tools creates significant noise that quickly becomes overwhelming. Consider the effort it takes to investigate alerts—many of which will likely be duplicates or false positives due to overlapping functionality in your stack—and it becomes clear why less is often more.
Assessing your stack will help you pinpoint redundant tools that could be removed without harming your clients’ defenses.
Address gaps and other risks
An assessment also allows you to find gaps in your security stack. You may think that a specific tool helps you achieve a goal, but evaluating your cybersecurity stack could reveal gaps or blind spots putting your clients at risk.
A proper assessment will also help ensure you use all your tools to their fullest extent. Instead of buying another solution to fill a gap, you may discover that one of the tools you already pay for has the functionality you need, it just wasn't enabled. Why spend time and money looking for a new tool if one in your stack will get the job done?
Remove inefficient tools
Businesses need qualified experts to manage complex cybersecurity stacks, but each added piece of software puts more weight on teams. The pressure can quickly become overwhelming. Regularly reviewing your toolset with an eye on efficiency and interoperability can help you reduce stack bloat and make managing the technology easier.
Even with the right resources, complex products are frustrating to manage. Slow portals, messy dashboards, and unclear alerts cause more harm than good. A poor user experience makes it harder to detect legitimate threats, giving attackers more time to cause damage.
Assessing your stack will help you understand how recently-added tools are meshing with your environment. Sometimes MSPs will find that their tools aren’t meant for their client base, or perhaps require specialized expertise that's extremely difficult to find.
How to assess your cybersecurity stack
Step one:
Create an inventory of existing security tools you use to protect your clients. Your exact list of tools will vary greatly, but remember to include things like:
- Threat monitoring, detection, and response for your...
- Endpoints
- Networks
- Cloud-based services
- Firewalls
- Password managers
- Multi-factor authentication tools
- Virtual private networks (VPN)
- Data and device backups
Step two:
Find a framework that can help you keep things organized. Industry standards offer frameworks that enable organizations to evaluate their cybersecurity service tangibly and objectively.
The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), for example, shows how to properly layer security solutions to minimize cyber risks. The framework focuses on five core components (which are then broken down further into sub-components):
- Identify: determine business-critical functions and what cyber security threats could disrupt them.
- Protect: limit the impact of a security incident and may include technologies (e.g., antivirus or firewall).
- Detect: measures in place to pinpoint threats or risks (e.g., continuous monitoring for suspicious activity).
- Respond: the capability to react to incidents effectively (e.g., proactive incident response (IR) planning).
- Recovery: the controls in place that help restore business after an incident (e.g., data backups).
According to NIST, an organization can “use the Framework to determine which activities are most important to assure critical operations and service delivery. In turn, that will help to prioritize investments and maximize the impact of each dollar spent on cybersecurity.
Step three:
Map your inventory of tools from step one to the framework in step two (or the framework of your choosing). This is also a great time to factor in the ROI of your security stack—how much profit does each tool bring in? How does that compare to its costs? Calculating ROI can be time-consuming, but it can help you make strategic business decisions that also improve your margins.
Take note of where there are empty spaces, which would imply gaps, or overflowing sections, which would imply redundancies.
Then you can take steps to make sure your stack is well-balanced by removing and adding tools as needed.
Tips for optimizing your cybersecurity stack
Pivot away from the point solution approach to optimize your security stack. Not only do point solutions offer an inadequate defence, but they’re also complex to manage, and the individual costs of each tool quickly absorb your budget.
By replacing point tools with solutions with a holistic, hybrid solution, you can drastically simplify your tech stack while improving its capabilities. Think of all the time and effort you’d save not having to piece together tools to create the comprehensive defence your clients want.
Field Effect MDR is our hybrid cybersecurity solution. Our partners get access to a complete MDR solution that lowers their monthly costs, puts time back in their team’s day, and results in better defences for their clients. Want to know more about what it’s like partnering with us as an MSP? Visit the Field Effect Partner Program
