CAMBRIDGE, Mass. – As everything a credit union does for its members, from core transactions to processing payments, gets more and more exposure online, security concerns proliferate, as do the tools to meet them. While they're spending more on IT security, but how much value do organizations feel they're getting from that investment? "Only 30% of IT security managers feel they've received full value from their IT security technology investments," says Laura Koetzle, an analyst with Forrester Research in Cambridge, Mass. In her research, she adds, "Respondents report acquiring an average of six different IT security widgets and often choose to hedge their bets by deploying the same technology from more than one vendor." In a new report titled "No More IT Security Widgets, Please", she recommends using audits to match IT security with reality, and "instead of searching for one perfect solution, employ cheap, overlapping controls to mitigate IT security risk." Here are two tables from her report. One focuses on IT security deployments, the other is a list of some suggested best practices that CU security managers might want to consider.