How we helped Forcepoint highlight the business case for cyber security consolidation

cyber security consolidation

Cyber Security is near the top of the agenda of every single organisation out there. It is perhaps unique in that – particularly when it comes to enterprise technology. While the words ‘blockchain’, ‘edge’ and ‘Internet of Things’ may be on the lips of many, they are part of the IT infrastructure of relatively few businesses. Yet, where there is IT, there needs to be cyber security – and IT is everywhere.

This prioritisation of cyber security is with very good reason. The regularity and complexity of cyber attacks increase each year, affecting companies of all sizes, across every sector. Rarely a week goes by without a household name being in the news following a security breach.

Most recently, the British Airways fine dished out by the Information Commissioners Office – a record £183 million – represents a new era for regulatory knuckle rapping. A step change echoed by the £99 million penalty faced by Marriott International. In both cases, nefarious third parties exploited flawed cyber security.

Europe, post GDPR, is a new look digital space, where personal data rightly comes with a heavy burden of responsibility. Fail to secure that data and you could face a fine equivalent to 4 percent of annual global turnover, or €20 million – whichever is greater.

The meaning in the data

Therefore, it was with great anticipation that Incisive Works undertook its latest research into the cyber security landscape, carried out in partnership with Forcepoint. The resulting digital content experience, The case for cyber security consolidation (and separate whitepaper), make for compelling reading. Our findings paint a vivid picture of too many security alerts (37 percent of respondents face serious security incidents every day) and too long spent investigating them (Two-thirds of participants take at least 12 to 24 person-hours to resolve an incident). Beneath these stark figures is the human impact on the teams desperately trying to keep their organisations watertight:

“Beneath the macro trends and data visualisations, with their shocking implications, are the daily personal impacts of such changes. Security staff cannot be anything but over-stretched at most organisations. Day and night, regardless of public holidays and colleagues on leave, these departments are having to plug leaks and bail out water. Meanwhile, it’s often the smallest organisations that are facing the most attacks and taking the longest to combat them.”

How did we end up here?

What begins as a couple of point solutions designed to meet specific security needs has spiralled to the point that an alert usually means investigating at least four data sources to resolve an incident. For many the figure is seven or more.

The result is a security infrastructure that is, contrary to its purpose, a risk to the business. It is an ungainly amalgamation of parts, stitched together. Impressive in its capabilities, when viewed in part, but always threatening to overwhelm, as a whole.

This conventional best-of-breed approach is untenable. The security state-of-play, and the resulting tools, have simply become too complex – a case of too many alerts and reports, and too little time. Untangling these crossed wires requires a drive towards both consolidation and automation – two facets of the same security coin. Together, they allow multiple tools to render their reporting on a single pane of glass – a dashboard that amalgamates disparate data, allows tools to talk to each other, and uses that combined data to suggest intelligent data-informed actions to security personnel, or even resolves incidents itself. Such a system enables staff to keep an eye on automated processes, while freeing them up to carry out more proactive threat hunting (another key direction cyber security needs to take to ensure it keeps ahead of cyber criminals who are increasingly well equipped and capable).


At Incisive Works we’re in the privileged position of being able to reach out to organisations to see how the cogs of industry run, and from our removed perspective see the commonalities and trends. When this perspective paints a stark picture of a machine that simply isn’t fit for purpose anymore, one where the pressure gauge is dangerously high, and the wheels about to come off, and that this is the experience across the enterprise, then we will call for a new way of doing things. With this in mind, we produce thought leadership content aimed at those in the industry with the influence to herald a sea change within their organisation.

When you’re bailing out water and the boat’s still sinking, it’s time to fire up the bilge pump.