IT security is broken: six ways to help fix it

October 2019 Cyber Security, Security Services & Risk Management

It would seem that IT security has reached an interesting crossroads: despite a proliferation of investment, only a quarter of business leaders across Europe, Middle East and Africa are confident in their current cybersecurity, and less than a fifth are confident in the readiness of their people and talent to address security concerns, according to a recent VMware and Forbes Insights study.

When you consider that across Europe, almost a third of organisations have in excess of 26 individual non-integrated security point products installed across their enterprise – each with their own user interface, their own management policies, and their own skillset requirements – it’s not surprising that there’s a security headache on the horizon, this time of our own making. Just the management of all these new solutions is a huge challenge.

In this article we outline six ways that can help partners turn their conversations with customers from spending even more on security point solutions, to adopting a new security strategy for their operations, their mobile workforces, their apps and their brand reputation.

1. Change the conversation from perimeter defence to how fast they can react

The existing thirty-year-old model for IT security – secure the network perimeter with an ever higher and thicker firewall, then plug any holes that appear due to new technologies (such as mobility, cloud, new devices and apps, SaaS, etc.) with point solutions – just isn’t doesn’t work in today’s businesses.

In the modern world, traditional security is either ineffective, or too complex, or too expensive, or too difficult to manage, and usually all of these together. Why? Because the attack surface being exploited by malware has dramatically increased. We need a new approach.

With the sheer volume of threats out there, security breaches are inevitable: what matters today is not spending all your budget on trying to prevent them, but instead on how fast you can detect them and how quickly and effectively you can mitigate their effect. Organisations need to move beyond pure endpoint detection and response, to a more holistic approach. VMware’s recent acquisition of Carbon Black, for example, signals a shift in the industry away from pure perimeter defence to looking at the ‘bigger picture’ for enterprise IT security.

A change in philosophy is also as much about culture and collaboration as it is about technology and requires the breaking down of traditional silos of IT, security and other functions within the organisation.

2. Ensure customers can plan for the unknown

A key problem is that the industry is heavily focused on chasing threats, which are largely unknown in nature. This is putting more emphasis on the attacker than on the defender. But given the size and complexity of the threat landscape, this is an overwhelming task. We only know what is bad once we’ve found it, since in practice, the sheer number of threats means that we don’t, indeed can’t, know what bad looks like before we’ve found it. Continuing to chase after bad is destined for failure.

Even worse, the industry continues to invest the bulk of security R&D, time and innovation on the sort of reactive, ‘search for bad’ solutions that we know are becoming less and less effective over time.

Being hyper-focused on reactively chasing threats means many organisations are increasingly underinvested in preventive security solutions – solutions that can shrink the attack surface and don’t solely rely on having to react to threats that are identified as ‘bad’. Knowing what ‘good’ looks like and being able to detect deviations from it, a thing every IT or security expert will fully understand, is much more effective. No one knows your apps, data, devices, and user environment better than you. After all, you probably wrote and provisioned them in the first place.

This is one reason organisations have to plan their IT security to accommodate the great unknown. They will not survive by reacting to a threat as it is defined today – the landscape is evolving too quickly. Any strategy that is reliant on knowing what the threat is upfront is already behind the curve.

3. Work with businesses to adopt an inside-out approach

Modern business is reliant on collaboration and connectivity. Security has to reflect this and needs to be designed from the inside out: inside the application, inside the network and at the user and content level.

Across EMEA, the traditional response to any security crisis is to spend more money on even more tactical point solutions. But with more than a third of organisations admitting to having 26 or more security solutions installed already (with some actually having more than 200), the response is becoming a problem in itself – one of management, skills and integration. To add insult to injury, they are becoming less and less effective – breaches continue to threaten even the largest and well-known companies.

We need a new approach. Think of it this way: you’re the mayor of a city where houses are constantly under threat of burning down. Do you continue to hire more firefighters or do you look at a way to make houses less flammable? Yes, in the short term more firefighters are essential, but for the long term, a different, preventative approach has to be adopted.

That's really what we're talking about when we talk about intrinsic security: finding ways to design security into the applications and network from the start.

4. Use software to make the network and infrastructure intrinsically secure

But how do you make the network and infrastructure intrinsically secure? Given the complexities involved, the only answer is through software.

A software abstraction of the network and other infrastructure enables technologies such as micro-segmentation. This allows the virtual network to be segmented down to an extremely small and granular level, in fact down to the level of individual apps and processes. Since each micro-segment is by default isolated from other segments, this is functionally equivalent to surrounding each app with its own zero-trust firewall, allowing you to define through policy what connectivity the app can have.

This mitigates the effect of breaches since malware can only propagate as far as the next micro-segment before encountering the next firewall. Since this is all implemented in software, the security policies associated with micro-segmentation can be automated, allowing the management of a degree of complexity that would simply not be possible otherwise. Security through software can effectively be self-managed, removing the bottleneck of having expensive, inflexible hardware or error-prone human interaction.

Simply put, you no longer have to attempt the impossible and try to recognise an ever-worsening avalanche of new malware. Instead, you can concentrate on the business, knowing security is baked fully in from the start.

5. Use the network as the vehicle to deliver security

Most organisations are in the midst of becoming fully digital. While this transformation promises to deliver new experiences for customers, employees and partners, it also gives rise to major headaches for IT and security teams because existing security paradigms are not designed to cope with such a diverse and complex environment.

Security needs a vehicle and the network is that vehicle.

Why the network? John Gage of Sun Microsystems famously said a few years ago that 'the network is the computer'. Well, today it would probably be more accurate to say 'the network is the application'.

Because modern applications are increasingly modular, existing as linked micro-services, or running from multiple containers or distributed between clouds, the single common denominator is that the modular elements of each app are all connected together by the network. It’s the common fabric that links everything together, so as it touches everything in the infrastructure, it’s also the perfect vehicle to deliver security to everything in the infrastructure with technologies such as micro-segmentation, service-defined internal firewalls and application-level whitelisting. Because of this, and the need to transform both security and the network as part of digital transformation, networking and security are rapidly converging.

With infrastructure abstracted as software, you can build in security across the entire software stack using these principles so that when customers are deploying their applications across any cloud, any device, there is a common element that delivers these capabilities – the network.

6. From the cloud to the edge and beyond

Five years ago, the idea of edge computing seemed impossible; everything was about the data centre. But much like the threat landscape itself, the capabilities of what computing can deliver is changing on an almost daily basis.

This has resulted in the power of the network taking over, allowing edge computing and IoT to open up new opportunities for every data-driven industry. The quantity of useful, actionable data being generated near to where the sensors are, in cars, trains, planes, manufacturing machinery, washing machines, etc. is so large that it simply isn’t possible any longer to transfer all this data back into the cloud for real-time processing. Edge computing is about processing this data close to its point of collection to allow its use in real time.

While we are only at the beginning of this revolution and don’t really know what’s beyond what we can see in the near future, two things are clear: we know the foundational software that’s being used to enable edge needs to be intrinsically secure, in and of itself, and using the network as the vehicle to achieve this.

If we look at security in this way – a fundamental, integrated part of the infrastructure itself, rather than trying to add it onto the perimeter – then we are enabling and future-proofing foundational technologies such as edge .

We now live in a world of way greater complexity, even compared to only five years ago, with more interactions, connected devices, sensors, dispersed workers and new models such as the cloud, all of which have created an exponentially larger attack surface for cyber threats to exploit. While this has raised questions of enterprises’ abilities to protect themselves in this more sophisticated digital age, it also provides an opportunity for partners to re-engineer the conversation with their customers.

Implementing a new intrinsic security, fit for the requirements of modern business today and into the future, is a unique opportunity for a service provider.

For more information go to https://www.vmware.com




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Pwn2Own hacking contest to include industrial control systems
October 2019 , Cyber Security
As IT and OT converge under Industry 4.0 and digital transformation initiatives, security gaps are emerging in a range of popular industrial control systems.

Read more...
Stolen credentials on the Dark Web
October 2019 , Cyber Security, Security Services & Risk Management
Over 21 million credentials belonging to Fortune 500 companies, 16 million of which were compromised during the last 12 months, are up for sale.

Read more...
Stolen credentials on the Dark Web
October 2019 , Cyber Security, Security Services & Risk Management
Over 21 million credentials belonging to Fortune 500 companies, 16 million of which were compromised during the last 12 months, are up for sale.

Read more...
The importance of XDR for cyber protection
October 2019 , Cyber Security, Products
35% of South African organisations are expecting an imminent cyberattack and a further 31% are bracing for it to happen within a year, according to local research conducted by Trend Micro.

Read more...
Enterprise security must change
October 2019 , Cyber Security, Security Services & Risk Management
The recent wave of cyberattacks against local banks has highlighted the importance of protecting data against malicious users.

Read more...
Kaspersky uncovers zero-day in Chrome
October 2019, Kaspersky Lab , News, Cyber Security
Kaspersky’s automated technologies have detected a new exploited vulnerability in the Google Chrome web browser.

Read more...
Body-worn cameras transforming security
October 2019 , CCTV, Surveillance & Remote Monitoring, Security Services & Risk Management
Police Service Northern Ireland now has over 7 000 officers using 2 500 cameras covering approximately 173 000 incidents each year.

Read more...
Protecting your customers’ data
October 2019 , Training & Education, Security Services & Risk Management
Simon Murrell, head of development and executive director at BrandQuantum says companies need to protect their customers from identity theft and data breaches.

Read more...
Cybersecurity for video surveillance systems
September 2019 , Cyber Security, CCTV, Surveillance & Remote Monitoring
Video surveillance systems are increasingly accessible over any IP network, which has led to the rise of potential cyberattack.

Read more...
Cyber-securing your surveillance infrastructure
CCTV Handbook 2019, Genetec, Hikvision South Africa , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Cyber Security
When it comes to cybersecurity, understanding the risks and the solutions as well as engaging in open communication helps everyone.

Read more...