Making Sense of Cyber Security’s Alphabet Soup

Unless you work for the government, you would be hard-pressed to find an industry more in favor of acronyms than the world of security and compliance. Figure 1 shows just a subset of the acronyms associated with the cyber security issues and solutions.

Figure 1. The Alphabet Soup of Cyber Security.


Source: Insight

Added to this growing alphabet soup of acronyms are a few other issues impacting an organization’s cyber security efforts:

  1. An increasing number of security point solutions now needing to be managed. It’s not uncommon to see upwards of 50+ point solutions at many medium to large organizations.
  2. A burgeoning mountain of log data from such solutions that often goes unchecked, until after the problem is found.
  3. A growing shortage of skilled IT security personnel to help manage the onslaught, and react appropriately to the increasing threat landscape.
  4. The on-going use of legacy security practices that continue to put organizations at increased risk through lack of innovation and adoption.

These factors make it difficult for an organization to control and protect against potential security threats—whether those exist on-premises or in one or more cloud environments.

The answer to many such challenges, however, may point to a future where security solutions, themselves, are increasingly cloud-based. To get ready for this future, organizations should begin looking now to learn more about dynamic, scalable cloud-based security solutions. No two are alike. Such solutions may ultimately offer one consolidated platform from which to manage user access and identity—regardless of the multiple cloud providers and cloud services being used by an organization.

It can be hard to make sense of this alphabet soup of acronyms and the sea of conflicting security priorities. Many organizations find it helpful to seek guidance from experts that help put such priorities into a working, high-level framework or architecture. In our experience, this helps to provide more context from which to view vendor offering and how they might fit into an organization.