Credit to Author: Jonathan Nguyen-Duy| Date: Tue, 13 Feb 2018 13:44:49 +0000
Cybercrime is a continually increasing problem due to the digital transformation-driven expansion of the attack surface and the growing sophistication of bad actors. Corporations and government agencies of all sizes are rapidly adopting digital business models that allow them to rapidly respond to evolving consumer demands, process transactions, and react to real time intelligence – generating greater agility, productivity for better business outcomes, and improved quality of life. But this transformation goes far beyond the corporate world. Digital transformation is changing society at an unprecedented scale. It is fundamentally changing how we learn, work, socialize, shop, manage finances, and interact with the world around us. And things like artificial intelligence and augmented reality, still in their infancy, are going to accelerate the rate of change even further.
Things like multi-cloud networks, shadow IT, IT, OT and IoT convergence, Big Data, mobile workers, and hyper-connected networks are also dramatically expanding the attack surface and putting businesses, people, and data at greater risk than ever.
But this transformation also goes beyond simply adopting digital technologies and incremental productivity gains. Digital transformation requires the harnessing of digital technologies to move from intuitive to data-driven decisions that generate exponential innovation and growth. The challenge is in the need to balance innovation and productivity with functional security and cybersecurity.
Convergence Compounds the Risks of Digital Transformation
Proactive and predictive data analytics are driving more optimized resource allocation and consumption. Evidence of the potential impact of digital transformation and convergence is all around us. From smart cars to smart homes, and smart buildings to smart cities, we are seeing traditionally separate networks woven together in remarkable ways. Smart cities will begin to interact directly with online citizens, smart buildings and devices, and even smart cars. As a result, they will be able to do things like dynamically reroute traffic, control the use of critical infrastructure resources like water and energy grids, actively monitor city services, and respond more efficiently to events of all sorts, from conventions to weather to emergencies.
Smart businesses are doing the same sort of thing. In order to increase efficiencies and profitability, traditionally isolated OT systems are starting to be converged with IT networks to do things like tie manufacturing floors to global market data to automatically support just-in-time inventory and flexible, on-demand production. Automation will be used to reduce overhead and increase ROI. Digital businesses will also be more actively connected to consumers in order to provide on-demand services and support, as well as critical back end infrastructures like energy and cooling to manage costs. And as buildings get smarter, physical and IT security will converge. Likewise, networks will expand and contract dynamically across multi-cloud environments to meet shifting demands for compute and workload resources.
Traditional Security Strategies Don’t Scale
Digital transformation is dramatically improving the way we communicate and conduct commerce – from around the corner to around the world. However, this is also introducing new security risks and compliance requirements. Many of the “traditional” ways of securing IT and networks simply don’t apply to today’s converging networks. Part of the challenge is that the Internet this all runs on is still using many of the same protocols and infrastructure it began with decades ago. At the same time, the volume of data has increased nearly 40X in just the past few years, driven in large part by the explosion of applications, access points, and connected devices.
But even though the majority of data no longer stays inside the traditional enterprise network, we continue to approach security using a model that is outdated and insufficient. Part of the problem is that we tend to approach infrastructure changes as individual projects rather than as part of a holistic transformation. Then we tend to deploy isolated, one-off security solutions to protect them, which complicates management while reducing both visibility and control.
Instead, network security needs to extend out to wherever the data is as a single, integrated system. We not only need to be able to see and secure all infrastructures and devices, regardless of their location or type, from a single location, but also coordinate resources to enhance detection, automate response, and dynamically adapt to network changes. But given the rate of change we are currently experiencing, an integrated security system that reacts to threats, even at digital speeds, isn’t enough.
Converged Networks Require Converged Security
Instead, to protect converged networks we need to switch from a traditional model of individual and isolated security devices to a fabric-based approach built around open standards and integrated security tools designed to communicate and collaborate at speed and scale. This approach will also need to include automation to allow security to move beyond signatures to behavior-based analytics. Combining a holistic security approach with advanced behavioral analytics allows for more proactive and predictive risk management. Which means that organizations will be able to dynamically implement security changes to meet new threats and shifting risk profiles, effectively shortening the interval between detection and mitigation – all without human intervention.
True “auto-resiliency” is the natural outcome of a fabric-based security approach. Such a system will be able to determine user and device intent, detect or even anticipate threats in cyber-relevant time, automatically identify and update key assets, isolate compromised devices or applications, correlate threat intelligence across different networks and industries, and dynamically map relevant security to changing network infrastructures even across converged environments. Such an approach also centralizes management, ensures a consistent and adaptable posture, automated orchestration of policies, and an autonomous and coordinated response to threats.
The innovation and economic growth being driven by digital transformation has the power to utterly transform our society. But to do this without compromising everything we hold dear, the entire digital industry needs to rethink security. And we need to start now.
Jonathan Nguyen-Duy discusses cybersecurity trends with The Cube's John Furrier.
This byline originally appeared in CSO.
Download our paper on securing dynamic cloud environments.