Evolving Capabilities
A commonly overlooked process that many organizations can benefit from is the task of reviewing, evaluating and implementing tooling throughout their working environments. The process itself can be painstakingly difficult since the complexity of technology has evolved into a deeply integrated set of systems and applications. Often, these systems and applications house data that requires establishing absolute protection mechanisms. The sheer volume of utilized tooling can be dizzying.
Tools rationalization is meant to bring visibility to the organization and identify tools and technology being used across all types of departments, not just those used by IT or Security Operations. A well-placed tools rationalization practice will help provide direction for your toolset in many ways, including the ability to improve your tooling capabilities while saving an organization overall time and costs.
The Top 3 Considerations for Tools Rationalization
1. Strategic Alignment
A thorough tools rationalization practice emphasizes the criticality of the technology currently being used in the environment. An organization should consider whether tools should be kept or removed, based on an evaluation process that considers the following:
- Should the tool be kept, retired, removed, or replaced based on current need?
- Should the tool be consolidated into another solution, or consolidated by a solution that is not currently in the environment?
- Rationalization should not be viewed as a negatively impacting practice and should be supported by the business’s initiatives to resolve siloes or duplication.
- How is the tool being used, based on determinations made by existing administrators, users, department, and product owners?
2. Application Performance
Over time, tooling and applications may become outdated due to a variety of reasons. Whether the vendor is no longer supporting an application, or the toolset has become stale when compared to other newer, or different tooling offerings, the tools rationalization extends to the overall performance of the tool itself. The evaluating parties should consider the following when reviewing the current performance of the tool or application:
- Toolsets should be evaluated for proper and complete configuration through a systems diagnostic process.
- Current tools may not be supplying modern security best practices compared to newer offerings.
- Some tools and applications may be running because they have no plan to be retired or removed.
- Tech duplication and sprawl can be present when applications and tools become more intertwined with other systems than they need to be. Always evaluate the need for integration and vet it as a requirement moving forward.
3. Funding and Budgeting
No matter the type of tool, someone must pay for it to be in service. Whether the expense is in dollars spent on a solution, or for the talent needed to support the tool, the conversation of funding should be considered during all tools rationalization exercises. The main questions to focus on during this phase of the process revolve around total cost of ownership (TCO) and return on investment (ROI), coupled more directly with the tool’s ability to turn your dollars in breach avoidance. In this example, the focus should also be on the evaluator’s ability to manage service agreements with the supplier to reduce or repurpose the overall cost in supporting TCO/ROI, even if that means keeping the tool in place while enabling additional investments to scale up the tool, providing more value for the organization.
Sometimes replacement, consolidation, or retirement isn’t the best option and a well-placed diagnostic with ongoing improvement will help protect the current investment while also reducing costs over time. Some examples of items impacting the tools rationalization process related to funding and budgeting include:
- Subscriptions may become costly due to licensing model changes by the vendor.
- Shifts in funding priorities for security tooling may occur based on the assessed risk of the environment.
- Shifts in funding priorities for infrastructure tooling and types, such as a move to cloud or hybrid environment.
- Additional or changing regulatory requirements add pressure to the existing budgets, enabling change in the tools funding process.
- Support resource changes require additional capital to hire the talent needed, or reallocating existing talent to ensure the proper configuration and use of the tool.
- Identifying additional investments in current tooling through security diagnostics and ongoing industry-expert support.