Tech leaders challenged daily to sort through a crush of new security apps

An escalating race between good-guy developers building new security tools and bad-guy hackers launching new threats means IT has a whole pile of security apps to sift through. Here’s advice for evaluating the options.

frustrated computer user

A tech leader's day can be unpredictable, but Ginny Davis, CIO at entertainment services company Technicolor, can rely on one thing: She's guaranteed to get an email from a new security provider urging her to check out its latest and greatest technology.

Davis says she values "the evolution in the fight against hackers" and considers the many new options a positive trend, "but it's mind-numbing how quickly [the security landscape] is changing."

Bob Lamendola, general manager of infrastructure services at IT services provider Mindshift, agrees. "The number of security-related products and services coming at you is almost frightening. The [security] marketplace is evolving at a frantic rate, making a complex situation even more complex to navigate."

lamendola robert 2016

Bob Lamendola

This back-and-forth escalation between the good-guy developers and bad-guy hackers is putting even more pressure on tech leaders. "Whenever you bring a new security product in, it's like putting up a 10-foot wall," says Tom Barnett, vice president of healthcare IT at NorthShore University HealthSystem in Evanston, Ill. "But the bad guys just come back with an 11-foot ladder." At a similar healthcare organization, Barnett says inbound hack attempts jumped from a few million per year in 2008 to around a million per month in 2012.

Security consultant Larry Ponemon, founder of Ponemon Institute, acknowledges that the onslaught of new applications is a problem. "Generally, people are frustrated because their security environment is very complex," he says. "That leaves places where the bad guys can get in. The more we rely on these tools, the greater the possibility that they create more havoc than value."

So what's a tech leader to do? And which group is poised to swamp you first, the hackers or the security vendors? The cumulative advice of the CIOs, chief information security officers and consultants interviewed for this story boils down to this: There are times when you might need both a belt and suspenders to protect your security portfolio, but prudence will always win out over panic.

To continue reading this article register now

Discover what your peers are reading. Sign up for our FREE email newsletters today!