One of the five main findings in our newly published Security Outcomes Study, Volume 2, was the clear benefit in having a proactive strategy of refreshing business-critical technologies. So, what exactly does this mean — and why are we focusing on it here?

In Part 1 of this five-part blog series focusing on each of the top five security practices outlined in the study, a tech refresh strategy is under the microscope. What does it mean? Why does it matter? How often should a technology refresh take place? Who determines this schedule?

All valid questions. Let’s start from the top.

The Clear Need for Tech Refresh

Every day, Security Technology Debt — or the lack of investment in security technologies — reduces the effectiveness of global security teams that support business change. Our report found that, on average, nearly 40% of in-use security technologies were considered outdated.

As you could guess, this level of technology debt is a drag on security teams. Maintaining these older technologies drains resources that could be used elsewhere. And one can safely assume that very few CISOs are so flush with team members that they are hunting for something for them to do!

Figure 1: Effect of IT architecture traits on tech refresh performance

A Solution in the Cloud

For a more effective refresh strategy, organizations should adopt a modern, consolidated, cloud-based architecture. The survey found that, when this approach was used, nearly 72% of respondents benefitted from a strong refresh program — a full third higher than those with an on-premise architecture.

By using modern cloud-based technologies, organizations have an excellent starting point for their tech refresh program, resulting in an above-average capability.

Figure 2: Effect of cloud vs. on-premises environments on level of security tech integration

Integrations with Ease

This should come as a surprise to no one, considering the ease of integration with cloud-based technologies. Modern cloud-based technologies typically come with “out of the box” integrations or can easily integrate through the use of APIs.

These integration capabilities are extremely important to security leaders, as 30% of study respondents saw “ease of integration” as a key factor in solution choice — the biggest driver of technology decisions. Ease of integration was expected to reduce implementation risk by requiring less deployment effort, as opposed to keeping “best of breed” solutions up-to-date.

Given the move toward multiple integrated technologies and the move away from “best of breed” solutions, a cloud-based approach is critical to ensuring each of these separate but integrated technologies is up-to-date with the latest and greatest security capabilities.

When redefining architecture for today’s business, aim for cloud delivery when feasible, use constant refreshes to keep things current, and consolidate whenever possible.

Who Should Determine an Upgrade Schedule?

A significant factor in keeping up with business change is frequency of upgrades. Those pursuing a quarterly upgrade policy showed a 60% greater ability to keep up than those following an annual upgrade policy.

Though an organization may have a structured, frequent refresh program, what is determining that refresh cadence is also important. The most common driver is vendor relationship.

A refresh can be initiated by a vendor-driven schedule or as part of a consolidation initiative. In our study, these were significant factors in more than 65% of organizations with a strong technology refresh performance, rather than those who either drove their own initiatives or simply reacted. By contrast, less than 50% of organizations that adopted a reactive strategy managed a strong technology refresh.

Figure 3: Effect of primary drivers for upgrades on security tech refresh performance

There may be several reasons for this. Vendors may often have a broader view across many organizations in multiple verticals and regions. This could help them understand new requirements and change more quickly.

One may argue that these are observations that would naturally be made by us, since we are, ourselves, a vendor. But the most important factor is the benefit gained from more efficiently managed security — a benefit which is universal.

Top Takeaways for the Tech Refresh

The pace of change in business both drives and is driven by new technologies. This empowers more dynamic organizations to address their particular markets with speed and agility. The consistent challenge for security teams is keeping up with the change their business colleagues demand.

Adaptation through a proactive technology refresh strategy will support rather than inhibit change, and our study reveals the top ways to achieve all the best business outcomes.

So, what can we ultimately conclude from this study? When designing and developing security architectures, adopt a series of principles that:

  • Keep technology as modern as possible
  • Help implement consolidated, cloud-based architectures
  • Incorporate periodic refreshes, preferably every quarter
  • Illustrate how vendors can support the refresh program

These will boost your chances of supporting required business outcomes and provide a better-managed set of security functions. On the practical issues of achieving a well-integrated technology architecture, watch for our next blog in the series.

And, of course, to discover how to maximize each of the five key drivers that lead to the greatest security outcomes, read our full report.

We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels



Richard Archdeacon

Advisory CISO

Cisco Security