Financial services security tools: How many is too many?

Financial services’ tool addiction is doing more to harm than help

Financial services have always been on the frontline of cybersecurity. On one hand, hackers of the highest level are constantly trying to infiltrate financial services to get access to funds, privileged information, and intellectual property. On the other, regulators watch these institutions closely to make sure they’re keeping their customers safe.

It’s safe to say that cybersecurity is an important issue for financial services. As a result, they’re often eager acquirers of new security tools. However, that enthusiasm can backfire.

Tool sprawl happens when organisations onboard tools which, as they grow in number, end up hindering an organisation more than they help them. This is a problem for businesses in general, but financial services seem to have a particular problem in this area.

Financial services: Drowning in security tools

Our 2021 State of Security Technology Investments report bears this out. The average financial services organisation has over 19 security tools. Still this doesn’t necessarily serve them well. Only 17 percent said that they were able to respond to incidents more effectively while 60 percent actually experienced more difficulty in determining the source of a security incident. Nearly half—45 percent—reported less visibility into their overall security stack.

It’s not just that this glut of tools didn’t help secure these financial services, it’s that they actually harmed their overall security stance. An overwhelming majority—81 percent—of organisations were unable to integrate those security tools together while 95 percent said that using those tools actually increased their level of risk.

The result of tool sprawl is an unfortunate reversal of those tools’ original purpose. These unlucky organisations suffer from reduced visibility within their own environments, and, as a result, they are under greater threat of attack.

To restore the visibility that so many financial services need, they can look to extended detection and response (XDR). Unfortunately, many XDRs are proprietary and require customers to uproot their security tool portfolio to make way for their solution.

Optimise your existing tools with Open XDR

Open XDR, however, is vendor agnostic and allows financial services organisations to integrate and finally make use of their often-messy portfolio of tools. ReliaQuest Open XDR customers have been able to reduce total costs of ownership by an average of 35% by eliminating inefficient tool sprawl, centralise visibility across their attack surfaces, and demonstrate ROI within 90 days.

Financial services are under tremendous pressure to secure their sprawling infrastructures. But given the threats arrayed against them and the complexity of their environments, they can struggle to meet those expectations. Open XDR has allowed our financial services customers to simplify that complexity and enable the visibility that they so sorely need.

Learn more about Open XDR ➞