2019 ReliaQuest Security Technology Sprawl Report

ReliaQuest, a leader in enterprise security, released the findings of the 2019 ReliaQuest Security Technology Sprawl Report, which reveals how a rapid increase in the number of security tools used by large companies is limiting their return on investment while increasing the risk of cyber threats. The survey of 400 security decision makers at companies with more than 1,000 employees found there is a “security tool tipping point” where the number of cybersecurity solutions becomes overwhelming and increases organizational risk levels. The result is underutilized technology, ineffective use of valuable security resources and overwhelmed and inefficient teams that spend more time trying to manage their wide range of tools than proactively defending against threats.

Key findings include:

  • Security teams are deploying more tools than ever. Almost three-quarters (70%) of respondents say they’ve invested in more than five new technologies in the last year, including 19% who say they’ve invested in more than 20.
  • Teams are struggling to implement the tools. Seventy-one percent report they are adding security technologies faster than they are adding the capacity to productively use them.
  • The burden of tools maintenance compromises threat response. Sixty-nine percent report their security team currently spends more time managing security tools than effectively defending against threats.
  • A majority of enterprises are less secure today as a result of tools sprawl. Over half (53%) say their security team has reached a tipping point where the excessive number of security tools in place adversely impacts security posture.

Complete the form to access the full survey report.

More resources

3 Proven Methods for Implementing a Continual Threat Hunting Program

Enterprise Security teams are looking for proven ways to increase the visibility of their security programs while also optimizing technology investments. A large number of organizations have implemented Endpoint Detection and Response (EDR) solutions and many others are considering it. While these solutions are best known as being effective incident response tools, they also help […]

The Comprehensive Guide to Optimizing Your Security Operations

Barely a few decades old, the Information Security profession struggles with standardization. This can be seen across the board from naming and defining capabilities, vulnerabilities, and adversaries to even the most basic terms that are used every day.  Oftentimes, this results in the misunderstanding of essential information during an investigation and a limited ability to […]