It may seem counter intuitive, but the more internet security products a company installs does not equate to a more secure system, according to Cisco Vice President and Chief Architect Martin Roesch.
Roesch told the crowd gathered at RSA 2016 on Wednesday that, in fact, the opposite is true. The more varieties of security that are piled on a system have an inverse impact, making it harder for the organisations to manage and analyse the data and thus creating a weaker defence.
“What happens when you implement several security systems? If you have five, managing it is five times harder, but analysing the data is a geometric expansion,” Roesch said, adding that some companies have so many layers of security that they become impossible to manage. So even when a attack does take place the defensive measures detect it, those running the security software can't tell because of the system is too complex.
The amount of protection on the system does not increase geometrically, but only incrementally, he added, pointing out that if complexity and capability were charted on a graph the capability line would quickly flatten out, while the complexity line would skyrocket.
Roesch said that all this takes place due to the knee-jerk reaction by many companies to simply add a new security product whenever an threat pops up. The “see a problem buy a box" is the wrong approach and does nothing but add to the situation he described above.
“Having many products all delivering incremental benefits is a trap for this industry,” he said, adding the security sector needs to develop security at the proper scale.
Roesch said this can be done through the better use of automation for analysing data, an emphasis on having fewer, yet more capable products and better integration between the systems defending the network.