Are you living in fear of a breach while, at the same time, facing the reality of a tight budget? You know you need to protect your business from threats, but how do you know if you’re throwing money at too many overlapping technologies or cutting corners and leaving yourself dangerously exposed?
As a seasoned cyber security expert and advisor on business tech stacks, I’ve witnessed the direct impact of these imbalances. Simply investing in cyber security tools doesn’t guarantee safety. But I’m here to help you move beyond guesswork and understand what truly constitutes the right level of investment for your unique business needs.
This article will equip you with the knowledge to assess your current tech stack and determine if you’ve veered into “tech sprawl” or “tech minimalism”. By the end of reading this, you’ll be able to answer the question: “How do I know whether I have too much or too little in my tech stack?”.
–
Reading Time: 7 minutes
What This Blog Covers:
What is a Tech Stack?
Before you ask, a tech stack is not a giant heap of hard drives, physical firewalls, and the like. In simple terms, your tech stack is the makeup of the products and solutions that you use to get your work done. While there are more complex layers when we talk about cyber security, at its core, your tech stack is the elements that make up the technology needed to secure your environment.
The purpose of building a tech stack (i.e., investing in multiple cyber security solutions) is to have a multi-layered defence system to protect your valuable data and ensure that your operations don’t stop for a second in the event of a breach.
Sounds good, right? But there’s a catch: simply investing in cyber security tools doesn’t necessarily keep your business safe. This is probably what brought you to this article in the first place. While not putting all your eggs in one basket by investing in multiple solutions is just good business, you can still have too many or too few eggs in your basket.
One of the first questions I ask my clients is: “Is your current tech stack genuinely working for you?”. It’s crucial to identify whether your investments are paying off or if they’re creating more problems than solutions. So, how do you determine if your current tech stack is working for you or against you? Let’s discuss it!
Tech Sprawl: When More Isn’t Better
Let me give you a scenario I’ve seen all too often:
Michael, the owner of a growing SMB, recently read our article highlighting the fact small businesses are the primary targets for cyber attacks. In a panic, he quickly began adding new cyber security tools to his organisation. Some were recommended by his managed security service provider (MSSP), and others he chose himself due to attractive reviews or vendor promotions.
Soon, Michael’s employees noticed issues: antivirus programs started conflicting with endpoint security software already installed by the in-house cyber security team, causing frequent system slowdowns and operational headaches. Instead of increased protection, the overlapping technologies created confusion, leading frustrated employees to disable or bypass essential security features just to get their work done efficiently.
This, my friends, is “tech sprawl”: the excessive use of many different tools, some of which overlap or even counteract each other. By rushing into investments without proper coordination, Michael took on unnecessary expenses and his business ended up with redundant, conflicting solutions that provided less protection than a single, strategically chosen and properly integrated suite.
Understanding what stack you currently have (before buying any more) is important because you want to focus your spending and energies on the areas that are most critical to you as a business.
How to tell if you have too much in your tech stack:
Overlapping Tools
Do you have multiple tools performing essentially the same functions? Like Michael, many SMBs buy equipment that already comes with a host of free software tools like antivirus, anti-ransomware, etc. Because they don’t know this, they then deploy more tech on top of what they already have.
Productivity Bottlenecks
Is your security hindering your team’s efficiency? Think of your cyber security tools as eager children wanting to help. But instead of silently running in the background, they’re too busy competing against each other to protect your business, which of course slows operations down.
Financial Burden
No matter how big or small your business is, cost is always important, and any investment a business makes has to showcase value – tech is no exception. Having too many tools in your stack means you’re paying for multiple products and services that essentially do the same thing. You may not notice this right away, but you’ll surely realise your misstep once you have a look at the numbers. So, before you hop on the latest trend, ask yourself: “What value does this tool set bring to my organisation?”.
Tech Minimalism: When Less Leaves You Vulnerable
At this point, you may be thinking that adopting the ‘less is more’ approach to your tech stack may be the best way to proactively mitigate tech sprawl – but think again. At the opposite end of the spectrum lies “tech minimalism”: where you’ve got too few products or services in place to actually do the right job and keep your business safe.
Remember Michael who stacked his tech to the brim? He has a friend Sophie, who has the opposite approach when it comes to protecting her business. Running a thriving small consultancy firm, Sophie prides herself on keeping overheads low and running a lean operation. To save on costs, Sophie opted for a free antivirus program for her team’s devices, assuming it provided enough protection since they hadn’t experienced issues before.
One morning, Sophie woke to dozens of frantic calls from the office. An employee clicked on a seemingly harmless email, unknowingly triggering ransomware that locked critical client files. Because Sophie’s minimalist approach didn’t include robust endpoint security or email protection, her basic antivirus solution failed to detect and stop Hailey the Hacker’s attack.
Sophie now faced an unexpected crisis: downtime, lost productivity, and worst of all, damaged client relationships. The costs to recover from the breach far exceeded what she would have spent investing proactively in a comprehensive cyber security stack.
Before you Marie Kondo your tech stack, have a look at what you have and see if you’re making the most of it.
How to tell if you have too little in your tech stack:
Insufficient Protection
All businesses heavily rely on email, which is why it remains the largest attack vector (tech geek for a hacker’s favourite place to live). This is the first place you want to protect. At the very least, your emails need to be scanned.
Focusing Solely on Cost Savings
Are you looking for ways to tighten your belt instead of prioritising what kind of protection your business needs? A free solution might seem appealing at first, but whilst you think you’re making a saving because you haven’t had to buy it, the reality is that you’re not protecting yourself properly and leaving your business exposed.
Long-Term Costs Outweighing Short-Term Savings
Closely tied to my last point, having too slim a tech stack has a larger adverse effect than you think. Again, you might be saving money month on month, but the long-term impact on your business could be far more expensive. You’re essentially looking at either spending a few extra hundred Pounds or facing bankruptcy if you have a data breach.
Regular Tech Audits to Balance Your Stack
Cyber technology is in a constant state of flux: a tech stack that was perfectly adequate last year may fall short of meeting today’s challenges. So, it’s crucial to find a balance between keeping up with the changing environment and maintaining your security posture by keeping a close eye on your tech stack.
A prime example of this is what happened during COVID. One day, your organisation had a tech stack that was traditionally based around people working from an office. This meant that your data was being held in a single location and accessed primarily from that location. Then the world changed overnight, and all of a sudden, your whole workforce was sitting in various locations and accessing that data differently.
I’m in no way trying to manifest another pandemic (touch wood!), but I want to stress the importance of scheduling regular tech audits to assess your current stack and identify any vulnerabilities or gaps.
Integration: Ensuring Seamless Collaboration Between Your Tools
Beyond just the number of tools, integration is key. If your data is scattered across disparate systems, your team will struggle to access it and make informed decisions. Well-integrated tools offer advantages in data management and data loss prevention (DLP), ensuring your most valuable asset is protected.
You’ll also have the added benefit of knowing exactly where your data is stored, how it’s protected, and who has access to it. This includes considering data leakage when employees leave. Poor integration can lead to dreaded data silos and lost productivity. A great example of this is when clients are keen to jump into Microsoft Copilot without having the right data management measures in place. Poorly managed data can become a vulnerability with AI tools – but I digress.
Tech Alone Isn’t Enough: The Value of User Awareness Training
Before we go our separate ways, I cannot overemphasise the significance of user awareness training. You can invest in the most advanced technology available, but if your employees aren’t using it correctly, it won’t provide the protection you need. Educating your people about cyber threats and best practices is the most valuable investment you can make in your organisation’s security.
It’s like having a perfectly secured home with alarms, flood lights, video cameras and window locks. But if you leave the front door open, people can just walk in. It doesn’t matter what you do from a spending perspective, education is absolutely key.
Finding Your Tech Stack Balance: Empowerment and Expert Guidance
You should now feel more empowered to assess your current tech stack and determine if it truly aligns with your business needs. Remember, finding the right balance isn’t about having the most tools but about having the right tools working effectively for you. But, don’t feel pressured to navigate this alone – help is available.
We’ve explored the dangers of both “tech sprawl,” where overlapping and conflicting tools hinder productivity and strain your budget, and “tech minimalism,” which leaves you vulnerable with insufficient protection. The core challenge is ensuring your technology investments are genuinely contributing to your security and operational efficiency.
Engaging an outside expert can offer a fresh perspective and help you steer clear of common pitfalls. I view it as a meeting of the minds, where I can combine my specialised knowledge of technology with your intimate understanding of your business.
Don’t wait until a problem arises. Establish a relationship with a trusted partner who can guide you through the process and assist you in making well-informed decisions to balance your tech stack.
