The best defence is often a good attack, and that tends to be true in cybersecurity, where being ready to tackle malicious actors head-on can significantly reduce the impact they have on business operations.
The key to this, according to VimalRaj Sampathkumar, technical head (UK & Ireland) at ManageEngine, is preparation.

“Start with a risk-based approach rather than a tool-first mindset,” says Sampathkumar. “Organisations should begin by identifying their most critical assets, threat vectors and compliance obligations, and then select technologies that directly mitigate those risks.
“Too often, decisions are driven by market hype or feature checklists rather than fit-for-purpose utility. A practical way to navigate the noise is to map tools to specific outcomes, whether that’s visibility, threat prevention, incident detection, responses or audit readiness.”
Mapping the outcomes is only the beginning of the journey. Working out how consistently you meet these outcomes is just as important.
“Make sure there’s a plan in place to measure effectiveness over time. That means tracking not just usage or uptime, but whether the tool is materially reducing risk, improving visibility, or helping the team respond faster. Return on investment isn’t static, it should be reassessed regularly to ensure ongoing value,” says Dr Jonny Milliken, senior security manager at Ekco.
“It’s not about choosing a basic or advanced [approach], it’s about choosing what fits. A well-deployed and maintained basic control will always beat a poorly implemented advanced one. Prioritise what your current operations teams can support and sustain going forward, ahead of anything flashy or complex. Build it into operations, keep it tuned and make sure it evolves with the environment.”
Recognising that there’s no one-size-fits-all approach to building up a good security plan can help a company shape a defence structure that best fits its needs.

“The key is to start by developing a security strategy and architecture tailored to the organisation’s unique structure, risk appetite and budget. Industry benchmarks for cybersecurity spend, often calculated as a ratio of IT spend, company turnover, or employee headcount, can provide a useful starting point for budget considerations,” says Brian Martin, director of product management at Integrity360.
“Many organisations today are experiencing vendor sprawl fatigue, where a multitude of disparate tools creates complexity and integration challenges. As a result, there’s a strong trend toward vendor and platform consolidation. Consolidating vendors can improve security outcomes by eliminating integration gaps and reducing the potential for cracks in the system. It also simplifies support overhead and can free up budget to invest in other areas of defence.”
The risk of that fatigue has only increased since artificial intelligence (AI) entered the security conversation, both as a tool for attackers and to protect against them.
“AI and automation are set to transform defence mechanisms in the coming years. AI-driven solutions can sift through vast amounts of threat data with far greater speed and accuracy than traditional systems, enabling earlier detection of subtle attacks, and rapid response,” says Brian Honan, chief executive of BH Consulting.
“Automated response technologies reduce the dwell time attackers spend inside networks, containing breaches before they have a chance to spread. That said, organisations shouldn’t view these technologies as silver bullets. These tools will augment, not replace, strong fundamentals and a security-minded culture.”
With new developments like AI changing the cybersecurity landscape, it’s easy to get lost in working out what the best approach is. Taking a step back and looking at the broader impact on the business can help to clear things up.

Vaibhav Malik, partner in cybersecurity and resilience at Deloitte Ireland, recommends following his three Es – effectiveness, efficacy, and efficiency – to enhance a company’s security posture.
“These three principles work synergistically: effectiveness ensures you’re solving the right problems; efficacy confirms your solutions work, and efficiency maximises your security investment returns,” says Malik.
“Start by assessing current tools against these criteria, prioritise fundamental security controls, and gradually introduce advanced technologies only when they demonstrably improve your specific risk profile.”
Whatever approach a company takes to its security posture, remembering the human element is critical to success.
“Many organisations also underestimate the importance of people and processes. Even the best tools fail if there’s no plan to train users, align with workflows, or ensure executive support,” says Sampathkumar.
“Organisations should conduct pilots, define success criteria upfront, train staff adequately and adopt a mindset of continuous improvement rather than viewing security as a one-time project.”