The rise of edge computing: What does it mean for cybersecurity?

Issue 7 2022 IT infrastructure, Cyber Security

Prenesh Padayachee.
Prenesh Padayachee.

As the number of users and devices connected at the edge of a network continues to grow, organisations are increasingly distributing their computing ability and network resources closer to where those users and devices are located. Rather than transferring data to and from one centralised data centre or the cloud, edge computing reduces response times, decreases bandwidth usage and maximises the real-time value of data for applications, processing or storage, by bringing it all closer to the source.

With all these advantages, edge computing is becoming a matter of necessity, and according to Gartner[1], 75% of enterprise-generated data will be processed at the edge by 2025, compared to only 10% in 2018.

But with the many advantages that edge computing enables come new types of vulnerabilities. Centralised computing models and conventional approaches to IT security are not typically suited for this new, more distributed approach to networking. Cybercriminals are now presented with a much larger and more distributed attack surface. Considering that one device or endpoint at the edge could compromise the core of an entire network, edge computing requires new approaches to cybersecurity. With edge computing on the rise, these are some of the key edge security practices every organisation should consider.

The secure access service edge

As more organisations are moving to the cloud and edge computing platforms, they find themselves in an increasingly complex and distributed network environment that needs to be managed and secured remotely. This necessitates modern approaches to security that can reduce complexity, adapt dynamically and provide a centralised way of controlling and monitoring security across multiple locations.

The secure access service edge (SASE) model is the answer to this. SASE brings together wide-area networking (WAN) and network security functions into a single, cloud-delivered service model. This gives organisations greater control, transparency and consistency over their edge operations, enables multi-cloud networking and allows security functions to be adopted ‘as-a-service’. This relieves organisations from having to install security software and infrastructure at remote edge sites where there is no (or limited) IT staff.

The evolution of WAN

Today’s SASE approach is best represented by the convergence of SD-WAN with other network and security services. As the next evolution of WAN, a software-defined wide-area network (or SD-WAN) enables a centralised overview and control of an entire network, and allows organisations to leverage more advanced software-enabled capabilities. SD-WAN optimises bandwidth usage and reduces the complexity of edge environments – which may rely on various Internet service providers or be distributed across multiple clouds.

More importantly, it offers a wider range of integrated security features such as intrusion prevention systems, content filtering, anti-malware and geo-IP firewalling, and helps automate certain security functions. With centralised control and automation, SD-WAN makes it far easier for IT teams to monitor, control and update security across an entire network, in real time, from one place.

The Zero Trust approach

Traditionally, users and devices could be granted access to a network based on their location. Those within the core of a network or data centre could be trusted inherently as they are protected by rigorous on-premise security measures. But as organisations’ networks become more distributed, especially with more employees working from home, this approach to security no longer works. A Zero Trust security model is centred on the belief that no user or device can be trusted automatically. It demands various authentication steps to ensure each device is properly secured, and limits access to the minimum resources the user or devices need, and no more.

A defence-in-depth design

When one security mechanism fails, organisations need additional layers of security in place to limit the success of a cyberattack. Edge computing has many distributed nodes, which is why organisations should implement a defence-in-depth network (DDN) design that develops security zones with different defensive mechanisms for each zone. This should include a variety of mechanisms, such as intrusion detection systems (IDS), firewalls, data encryption and integrity solutions. Because multiple layers of security mean more complexity, organisations should also try standardising their security protocols and processes to simplify management and enable faster responses to threats.

Physical security is also often overlooked when it comes to securing each layer of a network. Since edge networks are more publicly accessible, it is important to have strong physical security measures that can prevent tampering or intrusion via the firmware of an edge device. Devices also need to be configured correctly, while being patched and tested for new vulnerabilities on a regular basis.

The importance of partnership

As organisations move to the cloud, expand their networks and bring computing closer to the edge, the growing complexity of a distributed and hybrid IT environment makes it more challenging for them to secure every aspect of their networks. As cybercriminals find new ways to infiltrate networks, it has become more important for businesses – big or small – to bolster their IT security at every level. But not every company has dedicated IT security teams or adequate security expertise to deal with all of today’s evolving threats. Those organisations should find a trusted partner in cybersecurity and networking to guide them and ensure that their digital transformation journey doesn’t come at the cost of compromising their business.

[1] (or via the short link:*gartner5).

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

NEC XON modernises its security operations using MDR
iOCO Software News Cyber Security
The landscape of cyber threats has evolved dramatically, with cybercriminals becoming more interconnected and resourceful. This shift has necessitated the rapid acceleration of MDR services, which serve as a formidable bulwark against the modern adversary and promote business resilience.

Rack-mounted, three-phase online UPS
Security Services & Risk Management IT infrastructure Products
The new Eaton 93PX 15-20 kVA UPS combines high efficiency with a compact footprint, lower TCO, and improved cybersecurity to provide stable power for critical IT, industrial, manufacturing, and medical applications.

Protect your financial assets from unknown online threats
Products Cyber Security Financial (Industry)
Malicious actors employ a myriad of sophisticated techniques, such as hacking, phishing, spamming, card theft, online fraud, vishing, and keylogging, among others, to exploit unsuspecting individuals and gain unauthorised access to their financial resources.

Automated, real-time traffic analysis and ML-based mitigation
IT infrastructure Products
NetScout Systems has launched Adaptive DDoS Protection for its Arbor Threat Mitigation System (TMS) to dramatically improve the detection of distributed attacks that dynamically change vectors and target numerous destination IP addresses at once.

Five reasons why your board should push cybersecurity ‘boundaries’
Security Services & Risk Management IT infrastructure
From a technological perspective, micro-segmentation of your IT security environment can be viewed as a way to identify, isolate and curtail the reach of any threat – even once it is in your network.

Plan to use AI? Get your data ready
Integrated Solutions IT infrastructure
Artificial Intelligence (AI) is often perceived as an intelligent system that can handle any task. However, this notion crumbles when the AI is given poorly formatted or incorrect data. You cannot simply provide a few spreadsheets or databases to AI and expect it to work flawlessly.

Cyber incidents result in a 9% decrease in shareholder value
News Cyber Security
Aon published its 2023 Cyber Resilience Report, revealing that, on average, a significant cyber incident resulted in a 9% decrease in shareholder value – over and above the market – in the year following the event.

Automated ransomware recovery
Products Cyber Security
Organisations can now automatically recover from ransomware attacks with the capabilities in Cisco XDR, where the company is adding recovery to the response process by including infrastructure and enterprise data backup and recovery vendors.

Best practice tips for strengthening data privacy system
Security Services & Risk Management Cyber Security
International cybercriminals are increasingly targeting South African organizations, making data privacy more difficult to maintain. A standardization expert offers insight to help combat this threat.

The future of innovative business lies at the edge
IT infrastructure
Connectivity issues previously limited Edge's potential, but innovations like 5G and IoT have made it seamless. The data generated by connected devices enhances analytics, and AI improves customer experiences.