Forbes: How Companies Can Improve Security Without More Vendor Support

As cybersecurity talent shortages persist, many organizations are bolstering their defenses with unified identity strategies and managed detection and response services. These external partnerships can help ease staffing gaps and accelerate threat detection, but they also create a risk of overreliance when internal teams lose visibility or control. Strengthening long-term resilience requires leaders to rethink how much of their security strategy can be delegated and how much must remain inside the organization.

Sustainable cybersecurity depends on more than tools or vendor expertise—it calls for stronger internal muscle, clearer accountability and intentional investment in people, processes and architecture. Below, members of Forbes Technology Council highlight strategic shifts that can help organizations build security from within and avoid placing mission-critical defenses entirely in the hands of outside partners.

Adopt A Zero-Trust Framework

As a SASE vendor, we advise businesses to adopt a zero-trust framework that integrates identity, network and cloud security into a unified architecture. This reduces vendor dependency by consolidating controls, automating threat response and enabling in-house teams to manage security holistically. – Etay Maor, Cato Networks

Champion A ‘Security-First’ Culture

Leaders must champion a companywide “security-first” culture. This strategic shift moves accountability from a siloed IT team or external vendor to every employee. It involves embedding security awareness and responsibility into all roles and processes, from product development (shifting security left) to finance and HR. This approach makes security a shared business enabler. – Priyadarshni Natarajan, Walmart

Maintain Ownership Of Core Risk Decisions

Organizations can outsource security activity, but they cannot outsource full context or liability. Third-party partners can execute on your defense strategy, but the organization has to maintain ownership of the “what,” “why” and “how” of risk. Organizations need to maintain ownership of their core decision-making while carefully selecting and curating partners to help them execute. – John Linkous, Phalanx Security

Embed Cyber Thinking Across All Departments

Stop treating cybersecurity as a tool to be bought. Instead, treat it as a muscle you build. Leaders should embed cyber thinking into every team, not just IT. Invest in internal threat simulations, cross-train analysts in business teams, and reward secure decision-making. This builds resilience that no external vendor alone can provide. – Rahul Wankhede, Humana

Upskill Teams And Align Defenses To Your Risk Profile

Business leaders should prioritize building in-house cybersecurity capabilities by upskilling teams, implementing zero-trust architectures and embedding security into every business process. This approach reduces dependency on external vendors while creating resilient, proactive defenses aligned with the organization’s unique risk profile. – Balasubramani Murugesan, Digit7

Assess Exploitability And Impact With Ground-Truth Data

Use your own ground-truth data (IdP, EDR, cloud, CI/CD) to score exploitability and impact per asset and user in near-real time, then drive detections, access and response off those scores. Vendors (IdP, EDR, MDR) become interchangeable sensors and actuators that feed and follow your model. The result is vendor-portable decisions, higher signal-to-noise, and faster, auditable risk reduction. – Michael Roytman, Empirical Security
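The scoring loop described above, as an added example that is not code from Forbes or from any contributor: constructed IdP, EDR and cloud records pass through one small adapter each that emits generic exploitability or impact signals, so a vendor swap touches only its adapter, and the combined per-identity score drives an access action and a detection sensitivity. Record fields, weights and thresholds are assumptions for illustration.

```python
"""Added example (not from the Forbes piece or any contributor): a vendor-portable
exploitability/impact model. Field names, weights and thresholds are assumptions."""
from dataclasses import dataclass, field

# Constructed sample records; the shapes are assumed, not any vendor's real schema.
IDP_RECORDS = [
    {"user": "alice", "mfa": True,  "new_geo": False, "failed_logins": 0},
    {"user": "bob",   "mfa": False, "new_geo": True,  "failed_logins": 7},
]
EDR_RECORDS = [
    {"host": "wks-01", "owner": "alice", "critical_cves": 0, "alerts_24h": 0},
    {"host": "wks-02", "owner": "bob",   "critical_cves": 3, "alerts_24h": 2},
]
CLOUD_RECORDS = [
    {"principal": "alice", "admin": False, "data_class": "internal"},
    {"principal": "bob",   "admin": True,  "data_class": "restricted"},
]

@dataclass
class Signal:
    kind: str      # "exploit" (how likely abuse is) or "impact" (how bad abuse would be)
    weight: float  # probability-like contribution in [0, 1]
    reason: str    # kept so every score is auditable

# Each adapter maps one vendor's record to (subject, generic signals).
def idp_adapter(rec):
    out = []
    if not rec["mfa"]:
        out.append(Signal("exploit", 0.5, "no MFA"))
    if rec["new_geo"]:
        out.append(Signal("exploit", 0.3, "login from new geography"))
    if rec["failed_logins"] >= 5:
        out.append(Signal("exploit", 0.4, f"{rec['failed_logins']} failed logins"))
    return rec["user"], out

def edr_adapter(rec):
    out = []
    if rec["critical_cves"]:
        out.append(Signal("exploit", min(0.15 * rec["critical_cves"], 0.6),
                          f"{rec['critical_cves']} critical CVEs on {rec['host']}"))
    if rec["alerts_24h"]:
        out.append(Signal("exploit", 0.5, f"{rec['alerts_24h']} EDR alerts in 24h"))
    return rec["owner"], out

def cloud_adapter(rec):
    out = [Signal("impact", 0.1, "baseline")]
    if rec["admin"]:
        out.append(Signal("impact", 0.7, "cloud admin role"))
    data_weight = {"restricted": 0.6, "confidential": 0.4}.get(rec["data_class"], 0.2)
    out.append(Signal("impact", data_weight, f"reaches {rec['data_class']} data"))
    return rec["principal"], out

ADAPTERS = [(idp_adapter, IDP_RECORDS), (edr_adapter, EDR_RECORDS), (cloud_adapter, CLOUD_RECORDS)]

def noisy_or(weights):
    """Combine independent pieces of evidence: 1 - prod(1 - w)."""
    acc = 1.0
    for w in weights:
        acc *= 1.0 - w
    return 1.0 - acc

@dataclass
class Score:
    exploitability: float
    impact: float
    reasons: list = field(default_factory=list)

    @property
    def risk(self):
        return round(self.exploitability * self.impact, 3)

def score_all(adapters=ADAPTERS):
    """Fold every feed into one Score per subject (user or asset owner)."""
    per_subject = {}
    for adapter, records in adapters:
        for rec in records:
            subject, signals = adapter(rec)
            per_subject.setdefault(subject, []).extend(signals)
    scores = {}
    for subject, signals in per_subject.items():
        e = noisy_or(s.weight for s in signals if s.kind == "exploit")
        i = noisy_or(s.weight for s in signals if s.kind == "impact")
        scores[subject] = Score(e, i, [s.reason for s in signals])
    return scores

def decide(score, restrict_at=0.6, step_up_at=0.3):
    """Map a score to an access action and a detection sensitivity (thresholds assumed)."""
    if score.risk >= restrict_at:
        return {"access": "restrict", "detection": "high"}
    if score.risk >= step_up_at:
        return {"access": "step_up_mfa", "detection": "elevated"}
    return {"access": "allow", "detection": "standard"}

if __name__ == "__main__":
    for subject, score in score_all().items():
        print(subject, score.risk, decide(score), score.reasons)
```

Because the decision layer only ever sees `Signal` objects, replacing the EDR or IdP product means rewriting one adapter and leaving the scores, thresholds and audit trail untouched.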

Invest In Continuous Data Activity Monitoring

Many organizations are missing the continuous data activity monitoring element of their security strategy. AI is becoming the new insider threat. However, an ongoing monitoring solution can detect anomalies—whether malicious or simple mistakes—quickly and protect organizations, no matter who is accessing their data, including inside and outside users or AI agents. – Todd Moore, Thales Group

Automate Repetitive Tasks To Elevate Cybersecurity Work

Business leaders should work with their department heads to identify the repetitive tasks that could be automated to increase efficiency. Automation isn’t about replacing developers or security analysts. Instead, it’s about freeing up time from mundane, routine work to allocate to strategic, higher-value thinking in the realms of cybersecurity, finance, marketing and R&D. – Matthew Polega, Mark43

Make Your Data Unusable If Breached

Shift from perimeter defense to making data itself unusable if breached. Encryption alone won’t cut it—quantum computing will easily crack today’s encryption. Fragment and scatter data across multiple locations instead. Even if your systems are breached, attackers get meaningless fragments with no way to reconstruct anything. It’s architectural resilience that doesn’t depend on vendors staying one step ahead. – Greg Salvato, TouchPoint One

Build Cross-Functional ‘Cyber Fusion’ Teams

Shift from outsourced defense to shared accountability. Build internal “cyber fusion” teams where security, IT and business units co-own risk decisions. External MDRs are force multipliers, but resilience comes when every employee becomes part of the detection fabric. – Sai Krishna Manohar Cheemakurthi, U.S. Bank

Shift To Orchestrating Trust And Shared Responsibility

Leaders should shift from outsourcing security to orchestrating trust. Instead of buying more tools or services, build a culture where every team treats identity and detection as shared responsibilities. When employees become the first layer of defense and technology becomes the enabler, security transforms from a vendor-delivered service into an organizationwide instinct. – Nishant Sonkar, Cisco

Build Internal Security Context And Control With AI

Business leaders should shift from outsourcing detection to building internal context and control. External vendors can monitor threats, but only the organization understands its unique people, processes and risk signals. Investing in AI that learns internal communication and behavior patterns strengthens defenses from within, turning identity, not infrastructure, into the new security perimeter. – Mike Britton, Abnormal AI

View Compliance As A Lever For Zero-Trust Architecture

It’s a mindset shift: Stop viewing compliance mandates as painful checklists or tasks to simply outsource. Instead, see them as strategic levers to fund and advance your internal zero-trust architecture. The technical controls in frameworks like CMMC are the very building blocks of ZTA. Architecting this way builds true organizational resilience and strengthens your overall security posture. – Neil Lampton, TIAG

Assume Every Endpoint Is Compromised

Adopt a “breached-by-default” design. Assume every endpoint and vendor token is compromised and implement least privilege with short TTLs, identity rate limits, per-app kill-switches and blast-radius SLOs (contained in under 15 minutes). Build a tiny resilience engineering team and use MDR to audit, not defend. – Margarita Simonova, ILoveMyQA
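The control set listed above, as an added example that is not code from Forbes or from any contributor: a small authorization guard that issues short-TTL signed tokens, enforces a per-identity rate limit, honours a per-app kill switch, revokes a compromised identity, and checks containment time against the 15-minute blast-radius SLO. The token format, class and function names, and limits are assumptions for illustration; a real deployment would use a standard token library rather than this hand-rolled one.

```python
"""Added example (not from the Forbes piece or any contributor): a minimal
"breached-by-default" guard. Names, limits and the token format are assumptions."""
import base64, hashlib, hmac, json, time
from collections import defaultdict, deque

class BreachedByDefaultGuard:
    def __init__(self, key: bytes, token_ttl=300, max_calls_per_min=20, now=time.time):
        self._key = key
        self.token_ttl = token_ttl              # seconds; short so a stolen token ages out fast
        self.max_calls_per_min = max_calls_per_min
        self._now = now                         # injectable clock for deterministic tests
        self._killed_apps = set()               # per-app kill switch
        self._revoked_before = {}               # subject -> cutoff; tokens issued up to it are dead
        self._calls = defaultdict(deque)        # subject -> call timestamps in a 60 s window

    def _sign(self, payload: bytes) -> str:
        return hmac.new(self._key, payload, hashlib.sha256).hexdigest()

    def issue(self, subject: str, app: str, scope: str) -> str:
        """Mint a token bound to one app and one scope with a short expiry."""
        now = self._now()
        claims = {"sub": subject, "app": app, "scope": scope,
                  "iat": now, "exp": now + self.token_ttl}
        payload = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
        return payload + "." + self._sign(payload.encode())

    def kill(self, app: str):
        self._killed_apps.add(app)

    def restore(self, app: str):
        self._killed_apps.discard(app)

    def revoke_subject(self, subject: str):
        """Contain a compromised identity: every token issued up to now stops working."""
        self._revoked_before[subject] = self._now()

    def authorize(self, token: str, app: str, scope: str):
        """Return (allowed, reason). Every check must pass; the default is deny."""
        try:
            payload, sig = token.split(".", 1)
        except ValueError:
            return False, "malformed"
        if not hmac.compare_digest(sig, self._sign(payload.encode())):
            return False, "bad_signature"
        claims = json.loads(base64.urlsafe_b64decode(payload))
        now = self._now()
        if now >= claims["exp"]:
            return False, "expired"
        if claims["app"] != app or claims["scope"] != scope:
            return False, "scope_mismatch"
        if app in self._killed_apps:
            return False, "app_killed"
        if claims["iat"] <= self._revoked_before.get(claims["sub"], -1.0):
            return False, "revoked"
        window = self._calls[claims["sub"]]
        while window and window[0] <= now - 60:   # drop calls older than the window
            window.popleft()
        if len(window) >= self.max_calls_per_min:
            return False, "rate_limited"
        window.append(now)
        return True, "ok"

def within_blast_radius_slo(detected_at: float, contained_at: float, slo_seconds=900) -> bool:
    """Blast-radius SLO from the text: containment inside 15 minutes."""
    return (contained_at - detected_at) <= slo_seconds

if __name__ == "__main__":
    clock = [1000.0]                                   # constructed clock for the demo
    guard = BreachedByDefaultGuard(b"constructed-demo-key", max_calls_per_min=3, now=lambda: clock[0])
    tok = guard.issue("svc-billing", "ledger", "read")
    print(guard.authorize(tok, "ledger", "read"))      # (True, 'ok')
    guard.kill("ledger")
    print(guard.authorize(tok, "ledger", "read"))      # (False, 'app_killed')
```

The order of checks matters: signature and expiry are verified before any state is consulted, so a forged or stale token never reaches the rate limiter or the revocation map, and the reason string gives the audit trail that the text suggests an MDR should review rather than act on.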

Take Full Advantage Of Native Platform Security Features

Modern organizations leveraging cloud platforms such as AWS, GCP or Azure should be aware of the foundational security capabilities that are already integrated into these environments. The strategic shift that leaders should make is to fully utilize and configure these native security features before engaging additional third-party tools or vendors. – Metin Kortak, Rhymetec

Create Cyber Resilience Hubs To Train Teams

Business leaders should create cyber resilience hubs that unite internal expertise, automation and shared intelligence frameworks. Training teams in AI-driven detection, threat simulation and response builds lasting in-house capabilities. This reduces vendor dependency while fostering a culture of proactive defense and continuous improvement. – Nicola Sfondrini, PwC

Invest In Internal Threat Modeling

It is critical for enterprises to identify vulnerabilities during system design rather than treating security as an afterthought. While relying on vendors can be beneficial for their research capabilities, 100% dependence is not recommended. I suggest investing in building internal threat modeling expertise to ensure better alignment with your enterprise-specific architecture. – Vasanth Mudavatu, Dell Technologies

Empower Teams To Build More Resilient Systems

Put money into making your systems more resilient against cyberattacks, not just protecting them. Give your internal teams the tools they need to do threat modeling, automate response playbooks and build zero-trust principles into the design of your products. External MDRs can help with capacity, but the best way to stay safe is to build up your own intelligence and keep learning. – Jyoti Shah, ADP

Establish An In-House Cyber Storytelling Council

Replace outsourced alerting with in-house narrative. Establish a cyber storytelling council—security engineers, data analysts and HR—to translate incidents into business lessons within hours. Each story updates policy, training and design patterns. Turning breaches into cultural code creates adaptive immunity that vendors can’t replicate, making security a living discipline rather than a rented service. – Jagadish Gokavarapu, Wissen Infotech

Original Story: https://www.forbes.com/councils/forbestechcouncil/2025/12/08/how-companies-can-improve-security-without-more-vendor-support/