Too Many Tools? Tidy Up in 'KonMari' Style
You've no doubt heard about Marie Kondo's method of decluttering the home. Turns out, it can help security pros tackle all of those security tools piling up around the organization.
The human inclination to hoard is not a habit only seen in the home. While Marie Kondo's KonMari method of decluttering has become popular among households around the globe, it's likely that few security teams have stopped to think about the benefits of taking an inventory of their technical clutter.
Well, it's high time to start cleaning out those metaphorical closets, according to Jon Check, senior director for cyber protection solutions at Raytheon Intelligence and Information Systems.
Of course, certain best practices should remain consistent regardless of the tools in your environment, such as patching systems and training employees. But considering how quickly technology changes, the concept of identifying the security tools that "spark joy" in the environment is also a critical part of training.
Taking a thorough inventory of technical clutter and letting go of those lackluster solutions can allow security teams to be more effective and efficient in their jobs. Removing technical clutter also can help to combat tool fatigue and allow security teams to refocus their energies on being proactive and staying ahead of the ever-changing threat landscape.
But no buts about it, going through the decluttering process can be a big pain. That's why it's best to look at the bigger picture. How you approach change has a direct impact on the culture of your organization. "Creating and embracing change is important, and I would say that in the cyberworld today, we can all benefit from a change-hearty culture," Check says.
By making change a part of the overall culture, no one on the security team is frightened by it; rather, they will know the right steps to take.
Clean Up by Category
In most organizations, thinking about which tools to keep is probably as overwhelming as a Vegas buffet. The options are good, but when you start piling everything onto your plate, it becomes a real challenge to actually eat your way through all of it. By the time you get to the good stuff, you're in a food coma.
Given the rate of tool proliferation, eliminating tools that are no longer needed is an enormous, time-consuming, and onerous task that few truly want to take on. Still, the job must be done. "Tool fatigue is the biggest threat to what cyberteams have going on," Check says.
So where to begin? Teams can think about tidying up their tools based on what they do with each of them. Removal of clutter is about optimization, Check says.
"Many tools have overlapping capabilities. One tool fills 10% of 'that' gap, but it also overlaps with 40% of your SIEM," Check says. "You have to categorize tools, discard what you don't need, and keep only what is necessary to get the job done."
Don't Let It Get Worse
Many security teams are guilty of adding clutter before thinking about getting rid of it. In the same way you don't need seven spatulas, you don't need seven data loss prevention tools.
Check says the best time to ask whether something is right for your organization is before you buy it. "When you buy something, do you actually use it? How long is it good for?" he asks. "Will you use it for only half a lifespan or – even worse – will it actually just sit on the shelf?"
Confronting clutter at work is no different from confronting a mess in the home, with the one exception that clutter in the security environment masks other more critical issues.
Focus on the Long Term
At this point in the home tidying-up process, Kondo advises gathering all items before deciding what to keep and what to get rid of. Before tossing any tools into the waste bin, take a written inventory of what you have. Yes, you need to write it all down. Having a visual list of your clutter can help you to face the reality of your hoarding practices.
Before winnowing through all of the tools, identify your true mission. This will help you determine what to pitch and what to keep. "When you are in the land of clutter, you don't see the long-term vision," Check says. "Ask what key risk factors you are trying to mitigate. Prioritization is part of decluttering, so you need to first think about where you want to be at the end of the process."
Give Thanks to the Tools that Bring Joy
In the same way Kondo brings mindfulness into the tidying of homes, security teams can bring gratitude into their decluttering process as well. Yes, it might sound quirky, but maybe you come to realize you have a "make" versus "buy" decision that you hadn't realized amid all the mess. Give thanks to the old for presenting you with a new opportunity to be less bogged down by the noise so that you can engage in more meaningful work.
"It can be a very cathartic experience for the team as well," Check says. "It helps them understand what to focus on and why their job is important and how it aligns to the business mission."
Keep in mind that when you clear a space, even a virtual space, you are building a culture in which your teams can thrive.
Kacy Zurkus is a cybersecurity and InfoSec freelance writer as well as a content producer for Reed Exhibition's security portfolio. Zurkus is a regular contributor to Security Boulevard and IBM's Security Intelligence. She has also contributed to several publications, ...