Tool Sprawl and Multi-Vendor Setups Are Hurting Cybersecurity Efficiency

Overburdened cybersecurity experts are struggling to manage a variety of tools from multiple vendors, sacrificing efficiency, visibility, and budget in the process. New research from Kaspersky shows a growing shift, as more organizations turn to consolidation and automation to simplify operations and regain control.

Kaspersky’s research found that around 72 percent of organizations use multi-vendor cybersecurity ecosystems, which often lead to operational and financial challenges. Security teams often struggle to manage these fragmented systems, which leads to slower threat response and increased workload.

Complexity is slowing down threat detection and response

Additionally, 43 percent of security professionals find their security stacks too complex and time-consuming, which hinders quick threat response. Moreover, many organizations face budget overruns due to overlapping tools. This overlap results in wasted resources and budget overruns that make cybersecurity more expensive.

The study also shows that 41 percent of respondents struggle with automation because of poor integration between tools. Security teams are forced to rely on manual processes, which increases the risk of human error and reduces overall efficiency. Moreover, 39 percent report inconsistent threat visibility, as fragmented systems lead to inconsistent and incomplete data.

“While diversification of security solutions can offer certain benefits, such as risk mitigation and coverage breadth, an unchecked increase in complexity often leads to significant resource drain and operational inefficiencies. Moreover, this complexity can create critical blind spots, making it harder to maintain comprehensive threat visibility and respond effectively to emerging risks,” said Ilya Markelov, Head of Unified Platform Product Line at Kaspersky.

Kaspersky’s call for consolidation and centralization

Kaspersky recommends that organizations facing challenges with multi-vendor cybersecurity environments adopt centralized and automated security platforms to streamline operations and improve threat management. Specifically, the company suggests solutions like Kaspersky Next XDR Expert, which aggregates and correlates data from various sources into a unified system.

1. Consolidate and rationalize security tools

Kaspersky advises organizations to reduce tool sprawl by consolidating their cybersecurity stack. This can be done either by adopting a single-vendor platform or by carefully selecting best-in-class tools that integrate well via APIs and open standards.

2. Automate security processes

Automation is important for reducing manual workload and mitigating talent shortages. Kaspersky recommends implementing automated incident response, alert prioritization, and policy enforcement.

3. Improve threat intelligence integration

Organizations should prioritize threat intelligence that is timely, actionable, and easy to integrate into existing systems. Kaspersky highlights the importance of using centralized platforms that support seamless data correlation and sharing across teams and vendors

3. Adopt secure-by-design and cyber immunity principles

Kaspersky promotes a proactive approach to cybersecurity through “Cyber Immunity,” which involves designing systems that are inherently resilient to attacks. This includes building secure-by-design infrastructure that minimizes vulnerabilities and reduces reliance on reactive security tools.

4. Strengthen Identity and Access Management (IAM)

It’s also recommended to implement phishing-resistant authentication methods like passkeys and manage machine identities and API tokens centrally. These steps help prevent credential theft and improve access control without significantly increasing costs.