There are hundreds of cybersecurity products on the market and it can be difficult to select one between the noise.  Do you select a cybersecurity product based on an alert you see on the news?  Choose based on an advertisement or magazine article?  Do you simply select one because it appears on a “magic quadrant”?  Here are the top 5 tips for choosing a cybersecurity product.

Tip #1: Fits a Gap

The top tip for choosing a cybersecurity product is to look for one that fits a gap or need within your environment.  The most straightforward way to do this is to align your organization with a cybersecurity framework or maturity model. 

For example, if you choose the CISA Zero Trust 2.0 Maturity Model, the “Authentication” function within the “Identity” pillar requires “phishing-resistant MFA (multi-factor authentication)” once you reach the advanced maturity level.  To accomplish this maturity level and fill the gap within your posture, you may purchase hardware WebAuthn/FIDO2 keys such as Yubikey or Feitian.  This purchase fits a direct need and helps your organization achieve a higher cybersecurity maturity level for your chosen framework.

Tip #2: It Works

After you determine that a product fits a gap, it has to work in your environment.  See if you can do a free trial before you buy.  The product may also have a freemium model so you can use the free version and upgrade to the paid version when you determine that the product works and fulfills a need.  Even security hardware companies will usually let an organization test a product before purchasing.

Tip #3: Secure

This should go without saying, but a cybersecurity product should be secure.  It’s always a good idea to do your due diligence on a product and company before utilizing it.  The product should increase security posture, not the opposite.  You can request security audit or perform your own.  Research should also be performed on the company and product.

Tip #4: Pricing

The cybersecurity product should fit your budget.  If you need the product and you don’t have the budget…then you may need a larger budget.  Alternatively, you can look for less expensive or open-source options to fulfill your needs.

Tip #5: Recommendation

Lastly, you can choose a cybersecurity product based on a recommendation from a colleague.  The benefit with utilizing a recommendation is that you have a solid review from a trusted source.  On the downside, your colleague’s environment and use cases may be different than yours so the product may not work the same in your environment.  Additionally, it may be more difficult to find the most innovative product if you’re only choosing products based on older recommendations.  The most innovative product may be a new offering from a known vendor or new startup.

Velocity Can Help

Stern Security’s Velocity product helps organizations find the best cybersecurity products for their needs by aligning a company’s security posture to a security framework or maturity model (Tip #1), and then showing the solutions that are needed to fill the gaps.

Conclusion

While there are many choices on the market, these are the top 5 tips for choosing cybersecurity products. Use these tips to sift through the noise and choose the best products for your organization.