In the drive towards wholesome digital transformation, the modern security landscape is rapidly evolving. The emergence of apps, cloud services, big data, and mobile technology, though quite revolutionary, opens up new vistas of risk: traditional network perimeters are fading away as businesses retrofit their organisations around these burgeoning technologies.
The most potent approach to defending against next-generation threats in the new age is to develop an integrated, enterprise-wide risk management strategy with clear governance and policies. The aim is to have resilient systems that not only withstand cyber-attacks but also keep the MTPD (Minimum Tolerable Period of Disruption) at the barest minimum and carry out mission-critical business operations after an attack.
Rethinking enterprise risks isn’t an easy task, given the dynamism of the risk environment itself. Enterprise security has changed because the enterprise has drastically changed too. Vendors are also shifting their security paradigms from the “bolt-on” to the “built-in” approach in a bid to help customers maximise their investments and securely transform their business in ways that were not possible before.
Fusing security into the lifecycle and product development process, rather than treating it as an afterthought, is imperative. The telemetry and broad threat intelligence generated by the process add to the repertoire of insights, help in discovery, tracking, and reporting, and act as a conduit for connecting and integrating traditional security silos to better respond to and mitigate advanced persistent threats.
With BYOD (Bring Your Own Device) fast becoming a mainstay of the digital transformation playbook, employees are no longer operating only from their office desktops. They can work anywhere and at any time using their own devices. They download and have access to apps the IT department isn’t privy to. They are consistently accessing cloud-based solutions from mediums that might not be secure.
Sadly, a firewall can’t be built around the modern enterprise, and there’s no practical way to discard every legacy technology an organisation owns. The security software built for the PC world was not designed to do what mobile devices can do today. In summary, this new phase of computing requires a new approach to security, one that is as innovative, nimble and intelligent as the technologies and enterprises it intends to protect.
In this cloud-first, mobile-first world, the heuristics below are some of the effective methods for mitigating today’s security challenges.
IDENTITY IS THE NEW SECURITY PERIMETER
Identity is the new security perimeter and there are no “ifs, ands or buts” about it. Identities are becoming increasingly mobile. There are three fundamental threat vectors that an organisation must protect, namely: users, data and applications. Identity is the mechanism that binds the three together and improves the organisation’s security posture. Enterprise security is fast becoming less device-centric and more user-centric. The new perimeter is where identity meets data.
In our present world, users switch from device to device: from their laptops at work, to their iPads at home, to the smartphones in their pockets. The main imperative is not to secure the devices at a given point in time, but to continuously secure users and their identities in a consistent manner and, most importantly, without impeding the user experience.
DATA IS THE NEW CURRENCY OF THE ENTERPRISE
In traditional parlance and strategy, data used to be an asset that stayed within the four walls of an organisation and was the exclusive preserve of the enterprise. However, as the boundaryless landscape evolves, there’s a need for collaboration beyond the de facto perimeter, which of course changes the data lifecycle. Gleaning the right datasets for actionable insights helps in forestalling attacks.
Data is the most important asset of an organisation. The silos that used to be prevalent in discovering, classifying, protecting, and tracking data are collapsing, and holistic solutions such as machine learning and blockchains, to mention but a few, are coming to the fore. However, as data is the new currency of the enterprise, there has to be a balance between data fluidity and the provenance of data.
A NEWER APPROACH TO ENTERPRISE DETECTION AND RESPONSE IS IMPERATIVE
Cyber attacks are now occurring at scale and with great sophistication. This means that every organisation is predisposed to a breach. Decision makers within the security architecture now run their organisations in an “assume breach” posture. This puts them in a position to proactively detect threats early enough in the kill chain to fend off a breach.
Traditional signature-based approaches to threat detection should leverage machine learning, big data analytics, behavioural analysis, and patterning to mitigate attacks and proactively detect threats earlier in the kill chain. The resilient enterprises of today and of the future are those that have adopted the “built-in” security philosophy to protect the enterprise trends of today: mobility, big data, and cloud services.