We have discussed the changing IT landscape as the age of digitisation gains traction and growth in connectivity continue apace. The cyber attack surface is increasing and so is the scale and sophistication of attacks as identified by Cisco in it’s latest annual cyber security report.
Security breaches will continue to happen because there is too much going on in the organisations’ systems to provide complete protection especially with the growing sophistication of threats. The approach to security needs to embrace an approach that provides not only for known but also unknown threats. The approach needs to address cyber security before, during and after a cyber attack.
Some of the key features that need to be addressed with this new cyber security approach include;
Users will try to use whatever they can to get the job done. Organisations need visibility and control of what applications are being used in the cloud and remotely, especially with the growth of new SaaS applications. Visibility enables an understanding of what is being used in line with policy, what is out of policy and what is a threat. Visibility is the first step to controlling and securing the organisations environment based on what services should be provided.
As SaaS applications are increasingly being deployed in public clouds such as Amazon Web Services and Azure, it is vital to ensure that the cloud platform is secure. Even though the cloud providers will deploy their own security solutions, organisations also need to implement independent security systems to secure the user and the data as this is not the responsibility of the cloud provider.
As remote connectivity and branch networking trends increase in popularity, the security solution should be adaptable to extend the necessary features such as firewalling, threat management and anti-malware capabilities to the edge of the network as opposed to the current centralised deployment.
The need for security is now pervasive at the client, the branch, the HQ as well as public and private clouds where SaaS applications are located. This necessitates the capability for a virtualised security architecture where the panoply of security functionality can be deployed easily at any location.
Most organisations deploy security components from multiple vendors. An intelligent approach to securing information and systems in the emerging environment must make use of threat intelligence. This is the ability to take intelligence feeds from other sources such as other security vendors feed and make context based threat assessments relating to your organisation and what it means for you. This assessment can naturally feed into automated protection mechanisms.
This roundup of security requirements and features is a summary of what we need to look for in our security approach as we hurtle towards digitisation and a predominantly cloud based environment. In our next installment, we will discuss some practical solutions and explain what is now being termed the Secure Internet Gateway.