Cybersecurity: When is “Good Enough” Good Enough?

Considering Best of Breed in Security Solutions

When I hear the term “best of breed” (BoB) I immediately think of the National Dog Show, with each dog competing to be “best in breed” and then on to “best in show”.

In the context of cybersecurity then, BoB is the product that is best in its class, superior to others based on a set of objective measures, where all would agree on the judging criteria, and the outcome.

And herein lies the problem… there is no industry standard to define “best of breed” (or class of product, for that matter). As in all things cybersecurity, the answer DEPENDS. It depends on what outcome you’re trying to achieve with your security program. It depends on what exists in your security stack, and how well the new product might integrate with that. It depends on how technically competent your staff are when it comes to this solution. It depends on what threats your organization or vertical or geography face. Ultimately, there is no BoB — there is only what is Best For You (BFY).

When it comes time to implement a new tool/solution in an organization, the question of whether to select the product that is BoB versus “good enough” (also known as “minimal viable security” or MVS) arises. This comes with an underlying assumption that…