Authored By: Antoine Korulski, Product Marketing Manager, Infinity architecture, at Check Point Software Technologies
Both pandemics perform malicious actions on their victims. While a physical pandemic causes harm to people, cyber pandemic affects information systems and associated data. Last year, malicious cyberattacks cost US$6 trillion USD globally in the form of ransomware, loss of productivity, loss of data, and reputational damage, among others. Similarly, the cost inflicted by the Covid pandemic is measured in trillions of USD to the global economy from lockdowns to supply chain disruptions.
As the pandemic caused havoc, remote work became the norm for most office employees. McKinsey estimates that there was an increase in the remote workforce by a factor of 4-5x compared to pre-pandemic levels. In a matter of weeks, the surface attack widened dramatically, shattering the security perimeter. This exposed security vulnerabilities on the network, cloud, devices, and access rights, which were exploited by malicious actors to destabilise institutions including hospitals, banks, and governments. Globally, in 2021, Check Point Research reported a 40% increase in cyberattacks with one out of every 61 organisations being impacted by ransomware each week.
How to prevent the next pandemic?
With the biological pandemic, politics reacted with stricter lockdowns, vaccination, and re-enforced the health system with complementary infrastructures including testing centres, quarantine hotels/ centres, and dedicated areas designed for coronavirus patients at hospitals to cope with the number of patients flowing in waves.
Similarly, CISOs had to react to the widening attack surface by enforcing security policies and the security infrastructure. CISOs have two options to deal with a widening attack surface. Either one takes a best-of-breed strategy to patchwork the security architecture with multiple vendors, or one consolidates the security architecture with a cyber security suite.
The latter approach is recommended as it closes security gaps related to misconfiguration and security policies that do not fully overlap when using multiple vendors. Check Point surveyed over 400 global CISOs to confirm this trend, with 79% of security experts saying that working with multiple security vendors is challenging and 69% agreeing that working with fewer vendors would increase security.
Security consolidation – the benefits
- Reduced Overhead: Managing individual licenses across the organisation can consume significant resources as each license needs to be purchased, tracked, and renewed individually. An ELA (Enterprise License Agreement) allows a company to use a single license for all vendor services that it consumes across the entire organisation.
- Lower Costs: An ELA is a bulk purchase of a vendor’s service for a fixed period. Often, this comes with large discounts compared to individual, per-seat licenses.
- Decreased Business Impact: With individual licenses, an organisation needs to manage each license and may face business disruptions if one slips through the cracks and expires. With an ELA, an organisation only needs to manage a single license, decreasing the probability that oversight will cause a disruption to operations.
- Reduced Waste: With individual license agreements, an organisation may inadvertently purchase additional licenses for a product while others go to waste or are only used occasionally. An ELA enables an organization to bundle services and stop spending money on unused services.
- Predictable Spend: With an ELA, an organisation and a vendor agree on a predetermined rate for a vendor’s services for the period of the ELA. This provides a greater degree of predictability than individual user licenses.
- Service Flexibility: ELAs often include the option to claim credits for underused resources that can be applied to other services. This allows an organisation to better tailor its service consumption to its actual needs.
