Most companies continue to juggle multiple cybersecurity vendors despite the mounting costs and operational challenges this approach creates, according to new research by Kaspersky.

The study, Improving Resilience: Cybersecurity Through System Immunity, found that 72 per cent of organisations operate in multi-vendor ecosystems. Nearly half of security professionals (43 per cent) said their security stacks are overly complex and time-consuming to maintain, slowing their response to threats.

Operational and financial pressure

The research, which surveyed organisations across Europe, Latin America, the Asia-Pacific region, the Middle East, Turkey, Africa and Russia, highlighted inefficiencies caused by fragmented security tools.

Budget overruns affect 42 per cent of organisations due to overlapping solutions, while 41 per cent reported that poor integration prevents automation of security processes. This often forces teams to rely on manual interventions, increasing the risk of human error. Another 39 per cent of respondents cited inconsistent threat visibility, as data from multiple tools frequently fails to align.

“The data indicates that many organisations rely on multiple vendors by default, rather than through deliberate strategic planning,” Kaspersky noted in the report. “An unchecked increase in complexity often leads to significant resource drain and operational inefficiencies… creating critical blind spots that make it harder to respond effectively to emerging risks.”

Shift towards consolidation

Despite these challenges, most companies still maintain multi-vendor setups. Only 28 per cent have adopted a single-vendor strategy, although nearly half of those surveyed believe one provider could meet their cybersecurity needs.

That balance may be shifting. Kaspersky found that 86 per cent of firms are moving towards consolidating their tools. A third have already begun integrating their security platforms, while a further 53 per cent plan to do so within the next two years.