In the changing landscape of cybersecurity, organisations are continually increasing their investments in security technologies. However, increased spending doesn’t always translate to better security outcomes. In our latest episode of Getting IT Right, we sat down with James Smith and Jonathan Ashton from Ash Cybersecurity, one of our trusted partners, to explore the common challenges businesses face in their cybersecurity strategies and how to ensure technology investments deliver real value.
The Challenge: More Spending, Same Problems
According to recent reports, global spending on cybersecurity technology is set to reach $100 billion this year, growing at an annual rate of 14%. Yet, despite these investments, many organisations still struggle with fragmented security postures, overlapping technologies, and underutilised tools.
James Smith highlights a fundamental issue—organisations tend to fall into the same traps when it comes to delivering security controls. They’re often drawn to the latest and greatest technologies without fully understanding how they fit into their overall security strategy.
One of the biggest challenges with increased spending is that it often consumes resources that could be allocated to other essential areas, such as skilled personnel and third-party services. Without a strategic approach, companies may find themselves spending more but achieving less.
The Risks of Overlapping and Underutilised Technologies
When it comes to selecting security technologies, the sheer number of options available can be overwhelming. Endpoint Detection and Response (EDR), for example, has become a staple in cybersecurity, but as Jonathan Ashton points out, there are numerous EDR solutions available. Finding the right one depends on your organisation’s structure, governance, and technology ecosystem.
To make the best decision, companies need to consider several factors, including:
-
The size and complexity of their organisation
-
Whether their infrastructure is on-premise, cloud-based, or hybrid
-
Their cybersecurity maturity level and regulatory obligations
-
Their workforce structure—are they tech-savvy developers or non-technical professionals?
Understanding these elements helps organisations choose technologies that align with their specific needs rather than simply adopting the most hyped solutions on the market.
Maximising Your Cybersecurity Investments
A key takeaway from our discussion is the importance of assessing existing technologies before making new investments. James emphasises that many organisations struggle to answer basic questions such as:
-
What security products do we already own?
-
When do our current licences expire?
-
Are we fully utilising the capabilities of our existing tools?
Without clear answers, businesses risk unnecessary expenditures on redundant or underperforming solutions. A structured security roadmap ensures that every technology investment contributes to the organisation’s broader security objectives.
Strategic Planning and Implementation
Even with the right technologies in place, success depends on how well they are implemented and integrated into daily operations. Jonathan notes that technology itself is rarely the biggest challenge—failure often comes down to poor deployment and lack of adoption.
To avoid this, organisations must:
-
Clearly define security goals and desired outcomes
-
Communicate the strategy across all levels of the business
-
Secure buy-in from operational teams, not just leadership
-
Allocate necessary resources to maintain and optimise new technologies
James adds that it’s crucial to have a well-planned operating model and governance structure. Investing in a tool without ensuring the right teams and processes are in place is like buying a sports car and never learning how to drive it.
Key Questions to Ask Before Your Next Security Investment
To conclude, Jonathan left our listeners with some critical questions to consider:
-
Do you have a clear understanding of what success looks like for your security investments?
-
Are you fully utilising your existing security tools, and can you demonstrate their value?
-
Is your security strategy well-communicated and aligned across your organisation?
By addressing these questions, businesses can move towards a smarter, more strategic approach to cybersecurity.
Final Thoughts
From selecting the right technologies to ensuring effective implementation, our discussion underscored that success in cybersecurity isn’t just about spending more—it’s about making informed decisions, fostering organisational alignment, and executing with precision.
If you’d like to learn more about how to optimise your cybersecurity strategy, visit www.intergence.com to explore Ash Cybersecurity’s Fractional CISO services and our Managed Security Services.
Thanks again to James and Jonathan for their valuable insights. Stay tuned for more expert discussions in future episodes of Getting IT Right! 🚀