March 1, 2022
Learning

Cybersecurity is Needlessly Complicated…on Purpose. Here’s Why.

As an outsider looking in, it feels impossible to get a grip on cloud security by yourself... and it was purposely built to feel that way. Let's break down why.

Cybersecurity is an exclusive club that is largely unmanageable and inaccessible to most people in an organization.

Now, if you’re a Fortune 10 company with a big wallet and a well-groomed team of cloud security talent, it might not feel that way… but that’s completely by design.

The cybersecurity industry is one that doesn’t really guide or talk to it’s customers — it mostly talks to itself. It has its own complex language that forces your brain to tune out, and the language changes from platform to platform. The few who know the hidden tricks for quickly optimizing and saving hold that information tight to the chest, with an air of superiority. They’re elitist and have low expectations of their customers, which only manifests in the tools they create — laden with anxiety-driven data, overwhelming alerts, and exceptionally bad customer experiences.

As an outsider looking in or a newcomer to the space, it feels impossible to get a grip on your cloud by yourself, and that’s exactly how it was designed to feel.

Here at Tenacity, we believe that your ability to protect your cloud infrastructure shouldn’t be reliant on how big your wallet is. It’s time to speak plainly about cloud security, demystify the language, and clarify what you should focus on and what problems to solve first. You’re not stupid for not knowing… you’re smart for even thinking to ask.

So, let’s start by breaking down why cybersecurity is designed to be so purposely complicated in the first place.

Cybersecurity is designed so spending is easy and saving is impossible

Anyone in cloud security will tell you that it’s easy to rack up cloud spend. What’s difficult is finding and implementing cost-savings solutions.

Whether you’re one of the largest enterprise cloud users or a single developer, you’re likely overpaying for cloud computing. According to Pepperdata, more than one-third of businesses have cloud budget overruns of up to 40%, and 1 in 12 companies even exceed that number. 

While many cloud providers like AWS provide deals to help cut costs, they’re overly complicated to master. Even for FinOps professionals, whose job it is to focus on getting maximum business value through cloud financial management, only 12% of practitioners managed to actually automate the use of savings plans like committed spending or reserved instances, which goes to show you just how complicated it is to find central visibility over your cloud usage.

However, AWS isn’t exactly incentivized to help organizations cut cloud costs. Every year since at least 2014, more than half of Amazon’s operating profit has come from it’s AWS cloud division, with AWS ending 2020 with $13 billion in operating income. It’s also been reported that when it comes to bandwidth for data transfer, AWS customers in the US and Canada pay 80x Amazon’s actual cost for the service, with their widest margins of revenue and profit reportedly coming from their small and medium-sized customers. Larger organizations enjoy sweetheart deals not available to the likes of us mere mortals. 

However, AWS is just one of many cloud platforms that keep cost data tied up in complex, hidden levels so that it’s difficult to optimize and make clear decisions about spend. This leads to many organizations having to seek out third-party solutions like Tenacity to bring clarity and cost savings strategies to their unique business context.

Cybersecurity is built for enterprise organizations

It’s no coincidence that larger organizations are the only ones who benefit from things like cloud-usage discounts from cloud providers. Most cybersecurity tools were built for enterprise-level teams that have a specific amount of support and spend behind them.

The Fortune 500 are able to throw millions of dollars at cybersecurity solutions and oftentimes have two or three dozen tools in their arsenal to solve overlapping problems. They likely have a specialized staff that has lived in AWS or Azure for the last five years and may not need the background, contextual knowledge behind each alert or misconfiguration. They like to work in a specific way that they have always known (which has never focused on user experience) and they typically have complicated needs that you and your colleagues do not.

However, because these organizations are often the ones with the largest cloud budgets, the primary cloud providers have built their product to satisfy those customers and their complex needs. The result is tools built by and built for engineers. Customer experience isn’t an afterthought… it’s given no thought at all.

Cybersecurity “solutions” are a headache to navigate

So, if public cloud tools are built specifically for enterprise organizations, what does that mean for the small and medium-sized businesses that are using the same tools alongside them? In short, an awful user experience.

Third-party solutions often take users through multiple levels of hoop jumping, phone tag, and credit card submissions before you can even begin to test their services. Once you’re logged in, you’re inundated with a tidal wave of new “urgent” alerts that you have to keep up with. Soon enough, these tools often fall off the radar because they don’t get prioritized in the 30 or 40 log-ins, tools, or portals you have to go to in order to manage them.

But sticking with tools provided by public cloud providers provides its own set of aches. 

As VentureBeat put it, “The vision for amazon.com has long been to be the ‘everything store,’ and it’s clear that AWS is trying to be the ‘everything cloud.”

While AWS’s high-priced and comprehensive offerings may be a selling point for it’s enterprise-level customers looking for niche complexity, it leads to an overwhelming and confusing experience for the majority who do not need the hundreds of products they offer, or have the teams needed to sort through all of the complexities woven into their offered solutions.

However, AWS is not alone in this. Just look at the sheer number of cybersecurity acronyms that exist in this industry, or the wide-range of tool names that change from platform to platform.

Unfortunately, the security concerns that stem from these complex systems and ways of thinking (not to mention limited visibility over all of it) create a breeding ground for vulnerabilities. In fact, 65 to 70% of all security challenges in the cloud stem from misconfigurations. 

“For cloud customers, this hidden cost of complexity is immense,” VentureBeat reported.

Time to Get a Grip on Your Cloud

As you can see, cloud security was designed to be intentionally complex — but it’s time that we leveled the playing field and removed the hurdles.

Tenacity is democratizing the cloud by breaking down all the ways that you can quickly optimize your cloud environment, reduce your cloud spend, and get your hands around your cloud assets once and for all. Plus, we’re doing it all with customer experience at the forefront. We want to help you identify the issues in your environment that should be tackled first, contextualize why they’re a problem, and give you the confidence you need to go solve the issue. 

We have a fundamental belief that cybersecurity is for everyone, whether you’re bootstrapping, you’re a small family business, or you’re a mid-size organization. We have a fundamental belief in you.

Want to see the cost-savings and solutions that Tenacity can provide for your organization? Click here to Sign Up today - no meetings, no credit card, no sales people required. That’s how you democratize the cloud.

Latest articles

Browse all