Economist Vilfredo Pareto’s famous “80/20” principle, stating that roughly 80% of effects come from 20% of causes, has long been recognized as a guiding economic principle. This economic principle can also be leveraged by security leaders to improve strategy. The “one size fits all” platform approach in security strategy today is great for improving efficiency. However, this approach often fails by applying generic, or less innovative tools, to the highest priority “20%” threats.
Prioritization in cybersecurity is nothing new, as it is a principle that has been heavily emphasized by security strategists for many years. However, despite awareness of this strategy, many security leaders still place the efficiency, or modest cost savings, of a single platform over effectively addressing critical vulnerabilities with specialized best-of-breed solutions. While a platform is a great solution for the “80% of threats”, best-of-breed solutions should be utilized for the high-priority 20%.
Google cybersecurity leader, Phil Venables, recently echoed the 80/20 rule in a blog post stating that “the key is to pinpoint critical vulnerabilities, the 20% that could cause the most damage… [because]. . . not all vulnerabilities are created equal”. Venable suggests that once you find the highest priority threats, you should “prioritize your resources to resolve them by implementing additional security controls around them.” For cybersecurity leaders, a simple way of stating this approach is that “you can’t boil the ocean”.
Spend precious budget where it matters most, and not by making the mistake of prioritizing solely within a generic platform.
While there has been a strategic push in recent years to consolidate security tools and platforms, best-of-breed solutions are still needed in some instances to address the highest-priority security threats.
Unlike larger, “one-size fits all” platforms, best-of-breed solutions are often developed with speed and innovation at their core. This enables faster deployment and more effective mitigation of a specific high-priority threat.
Different threats often necessitate different defense mechanisms. Relying on a singular platform cannot adequately address the spectrum of cyber threats. Consolidation of tools should not come at the cost of the overall effectiveness… In some instances, a best-of-breed tool strategy isn’t just an option; it’s a strategic necessity.
Cybersecurity startup advisor and author Ross Haleliuk, has noted in his writings that security leaders should not ignore specialized startup soltions for critical problems. Haleliuk notes that “for a startup, the problem it is solving is the only thing the whole team focuses on… [for] Microsoft or any large software provider, the same problem is just one among 3,500 other problems the company is tackling.”
Dr. Carsten Willems, CEO of VMRay, an advanced threat detection provider has warned of the dangers of applying a “one size fits all” platform approach to security. Dr. Willems advocates for “breaking the chains of cyber mono-culture” and embracing “diversity” in defense strategies. As he notes, “the consolidation approach in cybersecurity is not only inadequate for critical threats, it creates greater risk.”
Another reason to consider a best-of-breed approach is the importance of targeted focus and avoiding vendor lock-in. Best-of-breed solutions allow organizations to prioritize based on specific security needs, thereby reducing the risks associated with dependency on a single vendor’s platform.
Navigating the complex landscape of cybersecurity demands a strategic approach rooted in the principles of focus and prioritization. As highlighted by the 80/20 Pareto principle, organizations must discern the critical threats that merit their budget and attention.
While consolidated platforms are an important part of the cybersecurity success roadmap, security leaders should not forget to embrace specialized best-of-breed solutions that are tailored to address high-priority areas.
The key is a blended strategy of platform plus specialization. Use the “big box” security platform to adequately address your 80% low and mid-range threats. But don’t stop there. Identify and adopt specialized tools that fully address your 20% highest criticality threats.
This is a great opportunity to consider the world of innovation available from startups or specialized vendors to complement other large platforms.