More than half of enterprise security leaders report reaching a security tool tipping point

TAMPA, Fla., December 10, 2019 – ReliaQuest, a leader in enterprise security, today released the findings of the 2019 ReliaQuest Security Technology Sprawl Report, which reveals how a rapid increase in the number of security tools used by large companies is limiting their return on investment while increasing the risk of cyber threats. The survey of 400 security decision makers at companies with more than 1,000 employees found there is a “security tool tipping point” where the number of cybersecurity solutions becomes overwhelming and increases organizational risk levels. The result is underutilized technology, ineffective use of valuable security resources and overwhelmed and inefficient teams that spend more time trying to manage their wide range of tools than proactively defending against threats.

Key findings include:

  • Security teams are deploying more tools than ever.Almost three-quarters (70%) of respondents say they’ve invested in more than five new technologies in the last year, including 19% who say they’ve invested in more than 20.
  • Teams are struggling to implement the tools. Seventy-one percent report they are adding security technologies faster than they are adding the capacity to productively use them.
  • The burden of tools maintenance compromises threat response.Sixty-nine percent report their security team currently spends more time managing security tools than effectively defending against threats.
  • A majority of enterprises are less secure today as a result of tools sprawl.Over half (53%) say their security team has reached a tipping point where the excessive number of security tools in place adversely impacts security posture.

“Cyber threats continue to rise and require companies to mitigate risk,” said Brian Murphy, CEO of ReliaQuest. “While it’s tempting to think another piece of technology will solve the problem, it’s far from true – in fact, this survey proves more tools can worsen enterprise security by adding complexity without improving outcomes. Enterprises need to shift focus to getting more out of the investments they’ve already made while becoming more selective with new technology acquisitions and ensuring fit with their existing security models. The ultimate goal: tight integration and transparency across their entire environment.”

The survey found that the longer term consequences of vendor sprawl can be damaging to the overall security posture of an organization. A large number of disparate tools can be difficult to manage and lead to gaps in coverage, with 66% of respondents reporting that the excessive number of tools makes it harder for their teams to effectively address threats.

“Ultimately, security technologies help enterprises stay a step ahead of rapidly evolving threats. Vendor sprawl, fueled by shifts to cloud and other business activities such as mergers and acquisitions, lead to unavoidable financial and operational pains. To ensure technologies collectively deliver greater transparency, security leaders should reassess overarching business goals, align tools to their security models and then recalibrate the process and people to achieve the best outcomes.  We created GreyMatter to integrate into existing technologies such as SIEM, EDR, multi-cloud, and third-party apps to address vendor sprawl and the gaps it creates in the security models.”

For more information on the 2019 ReliaQuest Security Technology Sprawl Report, visit here. To learn more about ReliaQuest, visit

Survey methodology

ReliaQuest commissioned Market Cube to conduct a survey of 400 IT professionals at companies with 1000+ employees in the United States who are at least 18 years old and involved in making decisions about their organization’s security technology. The survey was conducted online November 4-11, 2019. The margin of error is plus or minus 4.9% percentage points.

About ReliaQuest  

ReliaQuest™ fortifies the world’s most trusted brands against cyber threats with GreyMatter, its platform for proactive security model management. GreyMatter increases enterprise visibility while automating threat detection and response. It does this by unifying and integrating existing SIEM, EDR, multi-cloud, and third-party apps, to deliver a centralized, transparent view across the environment. The platform’s analytics provide actionable reporting and metrics that measure ongoing improvement of the security model, so teams can recognize and communicate success across the enterprise. Headquartered in Tampa, Fla., ReliaQuest is a private company with operations in Las Vegas, Nev., Salt Lake City, Utah, Dublin, Ireland, and London, UK. For more information, visit