As the cloud becomes the backbone of the digitisation era we review what this means in terms of securing this emerging complex puzzle of users, data and applications. The interconnected world where access to business IT is expected anytime from anywhere poses different challenges than those previously faced by business leaders and technical teams.
While the changing compliance regimes, with regulations such as GDPR, have meant that your organisation is compelled to take a more comprehensive approach to all aspects of cyber security implementation, monitoring and reporting. Simply put new threats need new approaches because what was being done yesterday won’t protect you from today’s threats.
What are the most common and emerging threats you need to protect against?
A number of technology approaches have emerged which are needed to counter the threats posed by the evolving cyber security threat landscape. Some of these are briefly discussed in the following section.
The endpoint along with your user is the most common points of security compromise or breach. Adequately protecting the endpoint will go a long way to mitigating potential threats. The approach, however, needs to be a proactive form of protection rather than reactive prevention that is associated with anti-virus type endpoint protection.
The next generation of endpoint protection typically must have some or all of the following features;
Network-wide protection at the perimeter as well as against lateral spread between domains is now an essential component of the new threat defence landscape. Next-generation firewalls have a major role to play in this respect. Just simply having a firewall with stateful packet inspection is like having a leaky bucket in the face of emerging attacks.
With the growth of IoT devices from industrial sensors to thermostats to light bulbs, IoT while presenting a huge opportunity for analytics and automation of businesses processes, IoT presents a real security risk.
Networks now need to be segmented by a next-generation firewall which can then implement some of the following protection measures.
With the proliferation of cloud, more than 60% of business workloads are now cloud-based. Cloud security is at the forefront of consideration throughout the lifecycle of IT applications.
Given that workloads are accessed from anywhere the security that was formerly provided on network premises is no longer sufficient and now needs to be pervasive and advanced to meet the new reality. The new generation of security must embrace the cloud topology and will include the following features.
Cloud security will feature a number of technologies configured to provide a layered security approach and should include; Secure DNS, Cloud Access Security Broker, Web Security, Email Security.
The new cyber security reality and the necessary protection is likely not as big a step as some of us imagine given that many of these services are available as cloud services.
In addition, most security devices have only a small subset of their features enabled. Arm with a good plan and the will to take the necessary steps, achieving a healthy level of cyber security protection is within reach of most organisations today as it not solely the domain of the big well-resourced businesses.