Source: Help Net Security
Author: Mirko Zorz
URL: https://www.helpnetsecurity.com/2025/07/09/why-cybersecurity-friction/
ONE SENTENCE SUMMARY:
Internal cybersecurity friction, driven by complex tools, unclear processes, and cautious culture, hinders security teams more than external threats.
MAIN POINTS:
- Security teams face internal friction due to tool sprawl, unclear ownership, and rigid processes.
- Disconnected tools require analysts to switch dashboards, slowing response and increasing alert fatigue.
- Approval-heavy workflows delay incident response, risking critical containment windows.
- Lack of context in access requests leads to repeated clarification cycles, wasting time.
- Ambiguities in responsibilities cause delays and confusion during handoffs between teams.
- A culture of caution discourages initiative, pushing decisions upward and reducing overall team agility.
- Burnout and normalized inefficiencies lower morale and inhibit improvement efforts.
- Evolving security roles now require balancing protection with enabling business growth.
- Integration and shared data visibility can reduce both friction and risk.
- Clear thresholds and role clarity empower faster, accountable responses without sacrificing security.
TAKEAWAYS:
- Streamlining tools and processes can significantly improve security team efficiency and morale.
- Trust frameworks and role clarity reduce the need for excessive approvals.
- Culture change must promote speed and responsibility, not just caution.
- Shared visibility and system-level enforcement reduce manual friction.
- Internal delays are a silent threat that can undermine security more than external attacks.