A cybersecurity New Year’s resolution: simplify security
By Anthony Perridge, EMEA Channel Director at Sourcefire, now a part of Cisco
As the year comes to a close and we look ahead to 2014, many of us turn our attention to New Year’s resolutions. Losing weight, quitting smoking or getting fit are all popular goals. But as our lives become more complex and harried, one resolution that I hear with increasing frequency is: I want to simplify my life.
Many of the world’s greatest thinkers have touted the virtues of simplicity:
Simplicity is the ultimate sophistication. – Leonardo da Vinci
Our life is frittered away by detail…Simplify, simplify. – Henry Thoreau
Life is really simple, but we insist on making it complicated. – Confucius
And this got me thinking about simplifying security. Cybersecurity is becoming so complicated that you could argue that complexity is one of our biggest security challenges. The evolving trends of mobility, bring-your-own-device (BYOD), cloud computing and advanced targeted attacks are driving this complexity.
Today’s networks go beyond traditional walls and include data centers, endpoints, and virtual and mobile environments. These networks and their components constantly evolve and spawn new attack vectors, including mobile devices, web-enabled and mobile applications, hypervisors, social media, web browsers and home computers.
As threats and our IT environments have become increasingly sophisticated, they’ve collided with traditional security methods that have not followed suit. Is it possible to simplify security yet increase its ‘sophistication’?
Most organizations attempt to secure these extended networks with disparate technologies that don’t – and can’t – work together. Not only are these structures difficult to manage, but they also create security gaps that sophisticated attackers exploit with methodical approaches that leverage time, patience and nearly imperceptible indicators of compromise to accomplish their mission.
We find ourselves ‘frittering away’ too many resources manually managing more and more security tools, yet breaches happen and go undiscovered for much too long.
As a cybersecurity professional, if you’d like to make a New Year’s resolution to simplify your approach to security while enhancing your defenses, you need a new model that is threat-centric – meaning focused on the threats themselves versus merely policy or controls. It must provide broad coverage across all potential attack vectors, rapidly adjust to and learn from new attack methods, and implement that intelligence back into the infrastructure after each attack.
Technologies that incorporate the following capabilities can help simplify security.
Visibility: To harness local and global intelligence with the right context to make informed decisions and take immediate actions. This requires the ability to tap into the power of big data analytics for better insights; open interfaces to visibility tools and real-time vulnerability-based research to proactively identify and respond to threats anywhere and anytime; and an open architecture for transparency.
Control: To consistently enforce policies across the entire network and accelerate threat detection and response. This requires an enterprise security architecture to enable unified, automated enforcement of policies from the data center, to the cloud, to the endpoint; enterprise-class, integrated policy and event management for more consistent control and better visibility into security devices; and open interfaces to control platforms to eliminate security gaps and complexities of point solutions.
Advanced Threat Protection: To detect, understand and stop targeted malware and advanced persistent threats across the entire attack continuum. This requires threat protection across the entire organization, from network to endpoint, from mobile to virtual and from email to web; and pervasive protection before, during and after attack, across more attack vectors and points of vulnerability.
Flexibility: To deploy security in a way that best fits and adapts to your changing environment. This requires it to be available in multiple form factors – physical, virtual, cloud and services depending on your business model; and open APIs to manage and support existing and evolving security infrastructure.
You can’t afford to leave gaps in protection that today’s sophisticated attackers exploit. At the same time, you can’t keep adding disparate security solutions that don’t work together. With technologies that enable visibility, control, advanced threat protection and flexibility, it is possible to simplify security and increase effectiveness. We no longer need to ‘insist’ that security must be complex. Instead, we can simplify.