{"id":363004,"date":"2025-11-07T15:10:00","date_gmt":"2025-11-07T09:40:00","guid":{"rendered":"https:\/\/www.technologyforyou.org\/?p=363004"},"modified":"2025-11-07T15:10:00","modified_gmt":"2025-11-07T09:40:00","slug":"the-shift-left-of-boom-making-cyber-threat-prevention-practical-again","status":"publish","type":"post","link":"https:\/\/www.technologyforyou.org\/the-shift-left-of-boom-making-cyber-threat-prevention-practical-again\/","title":{"rendered":"The Shift Left of Boom: Making Cyber Threat Prevention Practical Again"},"content":{"rendered":"

by John Dominguez, Senior Director of Product Marketing at <\/span><\/i>Reach Security<\/i><\/span><\/strong><\/i>\u00a0<\/span><\/p>\n

The old saying \u201cprevention is better than cure\u201d has lost currency in today\u2019s cybersecurity industry. Instead, security teams are advised to assume that the business has been breached and focus on threat detection, investigation, response, and recovery. Yet, during cyber incident post-mortems, it is not uncommon to find that the business owned the tool that would have protected it against the breach. The problem arose because it wasn\u2019t correctly configured before the incident happened, and no one knew this \u2013 or if they did, they didn\u2019t have the time or resources to fix it.<\/span>\u00a0\u00a0\u00a0<\/span><\/p>\n

We often say that hindsight has 20:20 vision and playing a blame game after a breach is morale-destroying. What we need to do is flip the script and turn hindsight into foresight to make cyber threat prevention practical again. As an industry, we need to shift security left of boom and help businesses optimize the investments they have already made. That\u2019s easy enough to say, but harder to change in reality, especially if there is a lack of understanding around the current environment.<\/span>\u00a0<\/span><\/p>\n

Security Governance Challenges for Today\u2019s Security Architects\u00a0<\/span><\/b>\u00a0<\/span><\/p>\n

Security architects have an unenviable task on their hands. They are custodians of a vast cybersecurity tool stack that has usually grown organically with point solutions added as new threats emerge. It isn\u2019t unusual to find as many as 75 different tools in use in a single organization.<\/span>\u00a0<\/span><\/p>\n

And guess what? Each of those tools gets patches and updates delivered on a regular basis. No vendor wants to leave their solution with a vulnerability, so they push out patches and updates as fast as possible, leaving it to their customers to ensure they\u2019re properly applied and that new features are fully implemented and don\u2019t create unintended risk.\u00a0To illustrate the administrative load of patches and updates, we counted 380 new features released in 2024 by the top 20 security tools in the market alone.\u00a0Each tool offers around 20 independent controls that can be implemented, which results in an almost infinite number of combinations of new variables that a security team must digest every year. It just isn\u2019t sustainable \u2013 either the team is overwhelmed with work, risking mistakes and burnout, or decision paralysis sets in, meaning the business is being put at risk by the very tools it has purchased for the purpose of protection.<\/span>\u00a0<\/span><\/p>\n

Visibility is another challenge. Often, security tools don\u2019t talk to each other, leaving a lot of valuable data stuck in siloes rather than being accessible as a resource to help harden systems and prevent attacks.<\/span>\u00a0<\/span><\/p>\n

A further dimension to the visibility challenge is the ownership and management of different components of preventive security. Identity and access management tools, for example, may be owned and managed by the IT team. This can make it difficult for security architects to gain insight into their set-up and licensing terms to understand the capabilities available.<\/span>\u00a0<\/span><\/p>\n

Simply identifying all these tools, figuring out their configurations, and tracking their coverage is a full-time task \u2013 and with constant updates, it can be an endless process, like painting the Golden Gate Bridge. No sooner have you finished than you must start again. Naturally, in such a fragmented environment, delivering meaningful risk reduction, and reporting it in terms that boards will understand, is yet another challenge.<\/span>\u00a0<\/span><\/p>\n

Practical Threat Prevention: An Agentic AI Application<\/span><\/b><\/p>\n

The outcome of these combined challenges is a reactive approach that is always one step behind adversaries. To shift cybersecurity left of boom and adopt a proactive, preventive strategy, organizations:<\/span><\/p>\n