Strategic Technology Enablers Emerging for Cybersecurity
Dan D'Augelli, MS
Helping organizations make their cybersecurity a catalyst for transformation
The cloud has become the hub for delivery of digital applications in the modern digital era. Identity as the digital perimeter and data protection are mission critical to foster digital trust, enable service assurance, and minimize enterprise risk.
However, the rise of the modern distributed/hybrid work model increases the attack surface for users and endpoints due to phishing, ransomware, and myriad other threats to the now "extended" corporate network. The conventional network edge now transcends the historical "castle and moat" perimeter. Legacy technologies such as Virtual Private Networks (VPNs) do not scale and have been proven to be fraught with risk as evidenced by incidents such as nation-state attacks.
A paradigm shift is needed to effectively combat current and emerging threat vectors by deploying standard security policies and networking controls for endpoints via dynamic, adaptive access controls. Thus, holistic convergence of network and security operations in this cloud-centric digital era is paramount to assure cyber resilience and enterprise business continuity. This article discusses three strategic technology enablers to fulfill these mission-critical business objectives: Network observability, Secure Access Service Edge (SASE), and Zero Trust.
Network observability
Whereas hybrid and multi-cloud infrastructures serve as the hub for application and service delivery in the modern digital universe, the modern network is the delivery channel.
However, network monitoring tools generate data and alert overload, which overburdens support staff and complicates problem detection, identification of root causes, and service assurance. Further, the evolution of enterprise architecture increases complexity, extends the attack surface, and introduces threats to enterprise security and privacy.
It is imperative to minimize the blast radius and the enterprise attack surface to protect the enterprise ecosystem. As the cloud fuels collaboration, the security landscape becomes more complex, and risk management becomes mission critical. Thus, modern network management needs new tools.
Legacy vs. modern networks
Challenges of modern networks
SecOps & Network Ops business drivers
Time for a paradigm shift
There is a great need to leverage diverse data sources to give perspective into network operations and receive quick, automated insights and recommendations to remediate issues and improve performance proactively. This can help eliminate "alert fatigue," which tends to overwhelm IT teams, and support them in their mission to enhance the user experience. This gives rise to Network observability!
Key factors for network observability
Primary use cases for network observability
Benefits of network observability
Secure Access Service Edge (SASE)
Secure Access Service Edge, or SASE, was postulated by Gartner to foster convergence of critical network security architecture components to better combat the burgeoning attack surface and security threats in the cloud-centric modern distributed enterprise. It promotes "Anytime, Anywhere, Authorized" access to cloud applications and requires dynamic visibility and inspection of all network traffic. It unifies networking and security functions via a converged enterprise network, while enabling centralized policy enforcement centered on identity and Zero Trust via a central cloud platform. Principal SASE services in conjunction with SD-WAN are as follows:
Primary use cases for SASE
Benefits
Zero Trust
Zero Trust, postulated by John Kindervag, has become a unifying force for transforming cybersecurity strategy by reinforcing "Identity as the Digital Perimeter." Zero Trust leverages multiple People, Process & Technology safeguards (layered architecture).
Zero Trust security eliminates the principle of a trusted internal network (castle and moat) and untrusted external networks. In Zero Trust, all network traffic is untrusted! Zero Trust transforms conventional network-based security by changing the focus of security to be centered on users, applications, and data. This eliminates the old castle and moat approach of the network perimeter.
Zero Trust extends the digital perimeter via the principle of "Anytime, Anywhere, Authorized Access" and least privilege (minimum necessary). Business process architecture and data flow mapping are essential for Zero Trust to strengthen access controls before access to applications is granted by dynamically evaluating: User Identity, Device Security, Context, and Session Risk.
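The dynamic evaluation described above can be pictured as a deny-by-default policy decision over the four signals. The sketch below is an added example, not code from the article or from any product; the entitlement table, country list, risk thresholds and all names are assumptions made for illustration. Note that network location is recorded but never consulted, since all network traffic is untrusted.

```python
from dataclasses import dataclass, replace

# Constructed policy data (assumptions for illustration only).
ENTITLEMENTS = {("finance-analyst", "erp"): {"read"},
                ("finance-manager", "erp"): {"read", "approve"}}
USUAL_COUNTRIES = {"US", "CA"}
STEP_UP_RISK, DENY_RISK = 0.4, 0.7

@dataclass(frozen=True)
class AccessRequest:
    role: str
    app: str
    action: str
    mfa_verified: bool         # user identity
    device_managed: bool       # device security
    device_patched: bool
    country: str               # context
    session_risk: float        # session risk score, 0.0 (low) to 1.0 (high)
    on_corporate_network: bool = False  # recorded, never used to grant trust

def decide(req: AccessRequest) -> tuple[str, str]:
    """Return (decision, reason); decision is 'allow', 'step_up' or 'deny'."""
    # Least privilege: anything not explicitly entitled is denied.
    if req.action not in ENTITLEMENTS.get((req.role, req.app), set()):
        return "deny", "action not entitled for this role"
    if not (req.device_managed and req.device_patched):
        return "deny", "device posture check failed"
    if req.session_risk >= DENY_RISK:
        return "deny", "session risk too high"
    if not req.mfa_verified:
        return "step_up", "identity not strongly verified"
    if req.country not in USUAL_COUNTRIES or req.session_risk >= STEP_UP_RISK:
        return "step_up", "unusual context or elevated session risk"
    return "allow", "all signals satisfied"

def demo() -> dict[str, str]:
    # Constructed sample requests covering each signal.
    base = AccessRequest("finance-analyst", "erp", "read", True, True, True, "US", 0.1)
    cases = {
        "baseline": base,
        "over_privileged": replace(base, action="approve"),
        "unpatched_on_lan": replace(base, device_patched=False, on_corporate_network=True),
        "new_country": replace(base, country="BR"),
        "risk_spike": replace(base, session_risk=0.8),
    }
    return {name: decide(req)[0] for name, req in cases.items()}

if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name:18} {decision}")
```

In a real deployment the decision would be re-evaluated throughout the session rather than once at login, so a risk spike mid-session can revoke or step up access.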
Benefits
For further context on Zero Trust and Identity as the Digital Perimeter, please refer to Arun DeSouza's article, A Question of Identity: The Evolution of Identity & Access Management.
Closing
The three strategic macro technology trends in this article are synergistic and interwoven. Collectively, they deliver service assurance, render convergence, enhance operations, strengthen security, minimize enterprise risk, and foster cyber resilience. As such, they are strategic technology enablers for the modern digital enterprise in tandem with People, Process, and other technology safeguards.
Source: SecureWorld & Arun DeSouza