There are some very effective tools being sold to help organizations develop their cyber defense-in-depth strategy. Traditional companies have ramped up their offerings, and there are a host of venture-backed startups addressing many different aspects of the problem.
But simply purchasing these tools does not inoculate you from harm. Your organization must understand how to utilize them on a direct basis, and weave them into your defense-in-depth capabilities. The costs of familiarization, training, exercising, integration, and verification of these capabilities may exceed the cost of the tool, and should be considered before purchase. In one of the recent major security breaches, a well known tool had been purchased, but not deployed. The defense was sitting uselessly on the shelf. Make sure your organization follows through on purchases, and that you get verifiable results.