Federal Cybersecurity: Too Many Tools Spoil the Broth

August 11, 2021

Some federal agencies have as many as 50 security tools. Yet few are confident in these tools’ ability to provide real-time, accurate and relevant data.

By Matt Marsden, Vice President, Technical Account Management, Federal, Tanium

Federal agencies have no shortage of security tools. Yet with the rise of distributed endpoints, many of their traditional perimeter security tools have become obsolete.

IT leaders often look to new tools, patches and updates to plug the gaps of federal cybersecurity. But few of these tools get used. According to new research, just one in three federal IT leaders say their tool utilization rate is even above 50%.

There’s little point in trying to salvage these past investments by bolting on new features. Instead, leading federal agencies are fully resetting their security tool foundation with a new baseline approach.

What these IT teams realize is that a modern approach offers real-time visibility and control at scale across every endpoint on the network – regardless of where that endpoint is physically located. When one vulnerability can put an entire organization at risk, there’s no room for error.

The risks of tool reliance

For a proactive response to risk and tighter federal cybersecurity, leading agencies are retiring their legacy infrastructure. Methods that worked 10 years ago, such as perimeter security and firewalls, are no longer applicable to today’s modern threatscape.

What about agencies that instead maintain their reliance on older tools? They face growing risks. As the old adage puts it, they have “too many cooks in the kitchen.” By bolting on additional tools and features, they can end up with too many tools, many of which are no longer effective.

This overreliance on aging tools can also complicate risk decision making. What’s more, too many tools are difficult to scale. They also can leave cyber operators trying to protect a borderless enterprise with tools designed for a traditional perimeter.

IT leaders are beginning to recognize these pitfalls. In a recent survey, nearly all federal cybersecurity managers (99%) say they’re rationalizing and consolidating tools, possibly leading to growing efficiencies.

A different path

Every federal agency has unique needs and must understand that there is no cyber silver bullet. No single tool, or even multiple tools, can guarantee the security federal data requires. What’s needed is a thoughtful approach, one that’s as distinctive as the agency’s requirements.