Why Traditional Security Is Failing Us

After working in the cybersecurity industry for the last 15 years, what I find most striking is that, despite all the money spent on cyberdefense, the number of data breaches every year continues to increase

Summary

Since the beginning of cybersecurity, most companies have focused the majority of their spending on ensuring that they wall off their core infrastructure with the best technology to stop attackers from getting in. Every time a new threat or attack vector emerged, we added another network technology to protect the business from it. Eventually, we had too many consoles to monitor or correlate information between and the security information and event management (SIEM) market was born. Initially, SIEM promised to help us reduce all of the alert fatigue and help us find the root cause of every problem. Unfortunately, SIEM’s initial promise didn’t work out as advertised and became another extremely complex piece of technology that was even more difficult to manage than the network appliances it was meant to protect. SIEM did one thing well that made it worth paying for, though: It provided compliance reports.