Security First: Approaching Technology In A Highly Connected Era - Forbes

With the rise of technologies like multicloud, IoT and 5G, the world is on the fast track to a highly connected future. While these technologies offer incredible promise for both end users and engineers, they also expose us to a number of potential vulnerabilities.

The recent implementation of GDPR forces organizations to think very hard about data security, but we still have a long way to go in terms of end-to-end security in the shifting technological landscape. In order to reap the benefits from this high level of connectivity, we must properly prepare for the security risks that come with it. Now is the time for policymakers, engineers and technology professionals alike to take a security-first approach in everything we do. Below are some key pieces of advice for achieving a secure and connected future.

Consider Security From The Start

The odds are never in your favor when you gamble on security. All too often, security practices are pushed to the wayside or overlooked entirely in favor of innovation and agile product development. Security protections cannot be an afterthought; instead, they must be built into every layer from the beginning.

It’s not a matter of if you will be the target of an attack; it’s a matter of when. Businesses need to plan ahead to avoid the consequences. To circumvent a potential attack, companies need a comprehensive security policy that leverages automation, anti-malware software and firewalls while also regularly documenting their cybersecurity policies. You can never be overprepared when it comes to the safety of your business and customers.

Automation Adoption Isn’t As Complex As It Sounds

A recent study conducted by the Ponemon Institute and Juniper Networks found that the ability to integrate disparate security is the primary challenge network architects face when attaining a high-quality security automation architecture. Automation is a great way to get around the shortage in cybersecurity skills and achieve a stronger security posture, but the Ponemon Institute’s study showed that enterprises still face challenges when deciding how, when and where to implement automation capabilities. More than 70% of respondents expressed they have a hard time with adoption due to vendor sprawl in their security setups and the scarcity of skilled workers to implement the automation tools.

To face the potential challenges of automation deployment, enterprises must prioritize business segments that can achieve automation benefits most quickly before moving on to widespread adoption. For instance, one of the first and most intuitive areas to secure is the account management sector. Defining rules around access management may seem basic, but it is one of the most critical areas to secure. If someone no longer works with the company or switches teams, you need to deactivate their credentials within 24 hours.

One of the most straightforward ways to get started with security automation is preventing known vulnerabilities. The Verizon Data Breach Investigations Report noted (via CyberScoop) that 88% of breaches analyzed in 2017 were accomplished using one of nine known attack vectors, meaning they could have likely been improved with a few automated procedures to keep up to date. Additionally, by allowing your automated systems to actually block threats, rather than simply detect them, you can significantly minimize your risk and utilize your automation spend most effectively.

Adaptability Is The Key To Ensuring Secure Multi-Domain Connectivity

Network boundaries are a thing of the past. Users are effectively everywhere; they can connect from any geographical location from a variety of devices, and the applications themselves might be on-prem or in the cloud. This flexibility offers incredible usability, but it brings obvious security concerns. Because the perimeter is no longer static, enterprises are better off deploying firewalls that can secure such fluid environments while also ensuring they have security built into every piece of their networks, down to the switch level.

End-To-End Visibility Is Indispensable

One of the most pressing security concerns we need to address is multicloud. The days of having a singular third-party provider are gone. Now you have multiple applications spanning multiple clouds, with the users themselves distributed across a variety of platforms. In this landscape, identifying where a threat comes from can be challenging. When a breach happens, you can’t just rely on visibility into one piece of infrastructure but need to ensure you have visibility from end to end. You can’t pinpoint malicious traffic if you don’t have a set baseline for what normal traffic flows should look like. Having data at every level and segment of the network is crucial to quickly pinpointing the issue, should one arise.

Policy Needs To Catch Up

Policy never precedes disruptive technology; rather, it adapts once the technology has already changed the rules of the game. We are in the midst of a major paradigm shift, and we need the policy to match the current technological landscape. To best prepare a security defense program, we must first understand what capabilities the new infrastructure brings and what vulnerabilities are possible. In short, the first step in any policy plan is education. The onus is on both policymakers and technology companies to ensure state and federal officials are sufficiently educated on major technological developments. Technology companies must partner with policymakers to make sure our leaders fully understand the purposes and functionality of new technology. We need smart laws that enable enterprises to leverage this new technology but also mitigate the potential risks such as user privacy and data privacy.

It seems as though every week we are reading about a new data breach or security hack. We can’t wholly credit these cyberattacks to neglectful security practices; the pace with which the industry is adapting is also an issue. The strategies deployed by CISOs and CIOs even just a few years ago are now outdated. We now require radical new thinking when it comes to network security and the policies that help keep us safe. The technological landscape is shifting rapidly, and we need to be both flexible and vigilant to make sure our security practices can keep up with our restless pursuit of innovation.



https://ift.tt/2SiUkBJ

0 Response to "Security First: Approaching Technology In A Highly Connected Era - Forbes"

Post a Comment