Twenty-eight percent of security spending is wasted on shelfware, according to CSO's news article earlier this year.
Shelfware, in case you don't have any of your own, and aren't familiar with the term, is a word coined by the technology industry to refer to something that is purchased but is never put in to production.
As Global Head of Customer Success at Avecto this statistic really astonishes me; why would customers invest in a security solution and go through all the necessary leg work of building business cases, evaluating, setting up contracts etc. (not to mention spending into the millions) just to have a very expensive ornament gathering dust on the shelf.
The report also cited that 35% of the software that was purchased and sitting in limbo was in its current state due to IT not having the resources to actually implement it.
Security goals and mandates versus implementation resource and ongoing management, I would argue, is one of the greatest challenges that businesses face when procuring a security solution. The balance between the reasons why a solution is being chosen, and what that will mean the business needs to commit in terms of resource to actually make use of the solution is a balance that must be considered early on in the buying process. Businesses ought to be wary of purchasing solutions to satisfy a box-ticking exercise for various security and compliance audits and consider the consequences of what it would look like if they suffer a breach or cyber-attack and had invested in the solution to prevent it, but hadn't committed to implementing it.
When meeting with customers I am always sure to ask if they are making use of the plethora of new features that we’ve added into the solution since the last major release. I frequently find that customers now have separate projects to solve emerging business or security issues, and that our new features can address those exact requirements. I cannot stress enough the importance of keeping in touch with your software providers, and investing time in broadening your depth of knowledge of the solution. Chances are that they are heavily investing in developing it to keep up with your ongoing requirements and you may have even more reason to implement it than you originally believed.
So what's my advice? Take another look at your allegorical shelf; what software do you have sitting there? Whether you never quite got round to implementing it, whether your predecessor purchased it and you never familiarised yourself with it, or whether you really owe it to your business to update it and investigate just what it can do for you today. I guarantee you will be saving yourself not only the time and money of looking in to new technologies, but also the potential embarrassment, in today's world of targeted cyber-attacks, of being hit and having the prevention sitting on the shelf behind your desk, like a target on your back.
If you're an Avecto customer and want to take a fresh look at what Defendpoint can deliver for you just send us a note at firstname.lastname@example.org