An alarming 61% of security leaders reported suffering a data breach in the last 12 months due to failures or misconfigurations in security controls. This situation persists even as companies use an average of 43 different cybersecurity tools, indicating that the problem lies in configuration, not in the amount invested in solutions.
The effectiveness of security controls should be the new paradigm for cybersecurity success, rather than simply acquiring more tools. Many organizations have extensive inventories of firewalls, endpoint solutions, and other technologies, yet breaches continue to occur because these tools are frequently misconfigured, poorly integrated, or disconnected from real business risks. One cited example is the 2024 Blue Shield of California data breach, where a website misconfiguration resulted in the exposure of personal data belonging to 4.7 million members.
Achieving true control effectiveness requires a fundamental shift in organizational mindset and practices. This involves stronger partnerships between security teams, asset owners, IT operations, and business leaders, as well as deeper training for security professionals that focuses on understanding protected assets and business objectives. The use of outcome-driven metrics (ODMs) and protection-level agreements (PLAs) is crucial for measuring and demonstrating the effectiveness of defenses.
Continuous optimization of security controls is essential, given that threats evolve and businesses change. Treating configuration as a one-time project is a mistake, as new vulnerabilities emerge constantly. Optimization must incorporate real-world threat intelligence, reassess risk priorities, and ensure that operational processes reinforce security. Effective security is not a static goal, but a living system that must be continuously built, tested, and refined.
This post was translated and summarized from its original version with the use of AI, with human review.
Source: The Hacker News