{"id":10028,"date":"2017-10-23T05:40:25","date_gmt":"2017-10-23T13:40:25","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/10\/23\/news-3801\/"},"modified":"2017-10-23T05:40:25","modified_gmt":"2017-10-23T13:40:25","slug":"news-3801","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/10\/23\/news-3801\/","title":{"rendered":"Executive Insights: Managing Risk Demands a Security Fabric Approach"},"content":{"rendered":"<p><strong>Credit to Author: Jonathan Nguyen-Duy| Date: Mon, 23 Oct 2017 12:50:59 +0000<\/strong><\/p>\n<div class=\"entry\" width=\"100%\" height=\"420\">\n<div>\n<div>\n<div>\n<div>\n<div>\n<div>\n<div>\n<p><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\">In today&rsquo;s rapidly evolving IT environment, CIOs and CISOs face an increasing level of complexity, both in the IT systems we manage and the cyberthreats we face.&nbsp;<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\">On top of managing and configuring the growing number of tools, devices, and applications within the enterprise network and distributed across multicloud hybrid environments, our teams also need to wrestle with growing organizational complexity of detecting and mitigating cyberthreats. 
For example, the security team that detects a threat may not be the same group responsible for mitigation and incident response.&nbsp;&nbsp;As a result, a lag between threat detection and mitigation may occur and can last for hours, days, months, and in some cases, even years.&nbsp;&nbsp;This is particularly significant given the increasing frequency of attacks using advanced malware that can cause irreparable damage in a matter of minutes.&nbsp;<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\">The drive towards digital transformation is further compounding these technological and organizational challenges.&nbsp;&nbsp;The result is that many organizations are not making substantial progress in improving their security posture &ndash; as evidenced by the growing number and impact of data breaches.&nbsp;<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p style=\"text-align: center;\"><iframe loading=\"lazy\"  src=\"https:\/\/www.youtube.com\/embed\/GJTFah13sSs\" width=\"100%\" height=\"420\" frameborder=\"0\" ><\/iframe> <\/p>\n<p><span><span><span><span><span><span>As we become even more integrated and interconnected, we need better ways to manage complexity. One way to accomplish this is through integration and automation for better visibility and control &ndash; especially in highly elastic environments. 
As a result, we&rsquo;re seeing a need to move away from isolated point defense systems like individual firewalls and intrusion detection systems, to a more comprehensive risk-management framework that weaves disparate security devices into a single, holistic&nbsp;<a href=\"http:\/\/demand.fortinet.com\/LP=2900?source=Website&amp;sfdccampaignid=70134000001XuNs&amp;elqemail=5118&amp;elqtyp=1876&amp;elqlist=4475&amp;utm_medium=website\">security fabric<\/a>.&nbsp;&nbsp;<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\">To address cybersecurity moving forward we need an approach that leverages intelligence and operates at machine speed.&nbsp;&nbsp;We need an integrated ecosystem of security elements that can share information, automate policies, and respond to threats in a coordinated manner at speed and scale.&nbsp;&nbsp;That&rsquo;s the key because today&rsquo;s digital enterprise operates in real time, is always on and is globally distributed.&nbsp;&nbsp;&nbsp;CISOs are familiar with this approach because security professionals have been attempting to build fabrics from day one.&nbsp;<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\">We began this journey back in the late 1990s, when many of us deployed our first&nbsp;packet filtering firewalls, then stateful inspection firewalls, followed by our first intrusion detection systems. 
Then we deployed more sophisticated intrusion detection and prevention systems, and NGFW platforms.&nbsp;&nbsp;These devices generated so many alerts and such complexity that we had to deploy Security Event Management tools (SEM).&nbsp;&nbsp;Since then, we have added even more new tools like Sandboxes and Advanced Threat Protection systems to detect increasingly evasive and sophisticated threats.&nbsp;&nbsp;As complexity grew, we added Security Information and Event Management (SIEM) and analytics platforms &ndash; plugged in third-party intelligence services and hoped it would all work.&nbsp;<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\">We have been individually building a custom security fabric of sorts all along.&nbsp;We were buying a hodgepodge of technologies, plugging them into the network, and hoping they would all work together to protect our companies and our infrastructure.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\">Essentially what we did was take on the development and support burden of proprietary and third-party technology integration, the quality assurance work, as well as the normal operational responsibilities of securing an enterprise.&nbsp;&nbsp;&nbsp;With few exceptions, it didn&rsquo;t quite work the way we had hoped. 
So now, just as our networks are in the midst of perhaps the most dramatic digital transformation ever, our security strategy is operating at a level of complexity that is overwhelming our IT and security teams.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\">We need a&nbsp;<a href=\"http:\/\/demand.fortinet.com\/LP=2827?source=Website&amp;sfdccampaignid=70134000001XvWJ&amp;elqemail=4898&amp;elqtyp=1876&amp;elqlist=4229&amp;utm_medium=website\">different approach<\/a>. Instead of doing all of the integration ourselves and hoping for the best, we need a neural network of devices that is natively designed to integrate, interoperate, communicate, share information and act at speed and scale. With such a security fabric in place, visibility can be extended to the furthest reaches of our extended networks, all threat information can be collected and correlated centrally, and the fabric itself can deliver automated security response and orchestration. 
Blending that integrated and automated security fabric with real-time global threat intelligence is the only way we can really address the increasingly dynamic, distributed, and complex security environment we are faced with today.&nbsp;&nbsp;Very good security can be done for select systems, facilities and networks, but the challenge today is to do that from the IoT edge, across the enterprise network to hybrid clouds.&nbsp;&nbsp;That is why security at speed and scale is so important.&nbsp;<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\">For example, about 5 years ago the interval between the detonation of advanced destructive malware and the point of irrecoverable damage was about 30 minutes.&nbsp;&nbsp;Today, we typically have less than 10 minutes to mitigate.&nbsp;&nbsp;There&rsquo;s no way that our current method of manual detection and response can work within that timeframe, especially not in today&rsquo;s network-of-networks environment. Organizations simply cannot afford to have isolated point defense systems managed through separate consoles and in some cases by different teams, when the time to respond is so short.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\">Traditional manual detection and mitigation approaches are incapable of dealing with increasing levels of complexity.&nbsp;&nbsp;For example, asset and vulnerability management should be automated.&nbsp;&nbsp;It is becoming very difficult to prevent or detect a well-designed, persistent attack. 
Prevention strategies and tools are still important, but cybersecurity is essentially an exercise in risk management via identification, protection, detection, response and recovery strategies.&nbsp;&nbsp;Cybersecurity is a multi-dimensional operating domain and is about understanding and&nbsp;<a href=\"http:\/\/demand.fortinet.com\/LP=3135?source=Website&amp;sfdccampaignid=70134000001Xy7A&amp;elqemail=5498&amp;elqtyp=1876&amp;elqlist=4988&amp;utm_medium=paid\">managing risk<\/a>. The practical reality is that data breaches are inevitable but material damage does not need to be.&nbsp;&nbsp;We all recognize that any decent pen tester, red team, let alone a nation-state actor or organized crime syndicate can break into most networks.&nbsp;&nbsp;&nbsp;Having read over 10,000 data breach summaries in my career, it&rsquo;s quite apparent that risk management is the right approach.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\">Once you fully recognize the scope and scale of the threats we face today, you start to focus on seeing, anticipating, and responding to risk across your organization. What risks are you willing to absorb and mitigate? What risks are you going to transfer to a managed security service provider, to a cloud service provider, or to a cyber insurance company?<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\">Moving to a risk management perspective requires an understanding of the risks you face and the nature and capabilities of the IT resources at your disposal. You can&rsquo;t defend what you can&rsquo;t see. 
Which means you need visibility across your entire ecosystem, from the IoT edge to your multicloud environment.&nbsp;&nbsp;To understand what&rsquo;s happening you need solid baseline information about your normal state and intelligence for context about what&rsquo;s happening at any given moment &ndash; present or historical.&nbsp;&nbsp;You need a global network of sensors and researchers who can accurately interpret what&rsquo;s happening across the threat environment, understand the latest tactics, techniques and procedures to design automated systems to respond at speed and scale.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div>\n<div>\n<div>\n<div>\n<div>\n<div>\n<div>\n<p><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\"><span id=\"OLK_SRC_BODY_SECTION\">Cybersecurity is highly complex and will become even more so as digital transformation takes root. 
Protecting your organization requires a built-by-design security fabric that weaves deep automated visibility, detection, response, orchestration with real-time intelligence together into a single, adaptive system that spans your entire ecosystem from IoT to the cloud &ndash; delivering security at speed and scale.<\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<p><em>For more information, <a href=\"http:\/\/demand.fortinet.com\/LP=2827?source=Website&amp;sfdccampaignid=70134000001XvWJ&amp;elqemail=4898&amp;elqtyp=1876&amp;elqlist=4229&amp;utm_medium=website\">download<\/a> our&nbsp;paper and learn the top five trends driving security uncertainty and how to protect against the threats enabled by these trends.<\/em><\/p>\n<p><span><span><span><span><span><span><a href=\"http:\/\/demand.fortinet.com\/LP=2827?source=Website&amp;sfdccampaignid=70134000001XvWJ&amp;elqemail=4898&amp;elqtyp=1876&amp;elqlist=4229&amp;utm_medium=website\"><img decoding=\"async\" alt=\"\" src=\"https:\/\/d3gpjj9d20n0p3.cloudfront.net\/ngblog\/uploads\/images\/Images\/images%202\/images%203\/images%204\/images%205\/images%206\/images%208\/Hex%20blog\/more%20hex\/baidu\/more%20baidu\/cerber\/Mamba\/shamoon\/More%20images\/Google\/Google2\/Google3\/More%20Google\/Evasive01\/evasive3\/Ichitaro\/Demand%20Banners\/blog-banner-rethinking-approach-cybersecurity.jpg\" style=\"width: 1110px; height: 400px;\" \/><\/a><\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<p><a href=\"https:\/\/blog.fortinet.com\/2017\/10\/23\/executive-insights-managing-risks-demands-with-a-security-fabric-approach\" target=\"bwo\" >https:\/\/blog.fortinet.com\/feed<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" 
src=\"https:\/\/d3gpjj9d20n0p3.cloudfront.net\/ngblog\/uploads\/images\/Images\/images%202\/images%203\/images%204\/images%205\/images%206\/images%208\/Hex%20blog\/more%20hex\/baidu\/more%20baidu\/cerber\/Mamba\/shamoon\/More%20images\/Google\/Google2\/Google3\/More%20Google\/Evasive01\/evasive3\/Ichitaro\/Demand%20Banners\/blog-banner-rethinking-approach-cybersecurity.jpg\"\/><\/p>\n<p><strong>Credit to Author: Jonathan Nguyen-Duy| Date: Mon, 23 Oct 2017 12:50:59 +0000<\/strong><\/p>\n<p>As we become even more integrated and interconnected, we need better ways to manage complexity. One way to accomplish this is through integration and automation for better visibility and control \u2013 especially in highly elastic environments. As a result, we\u2019re seeing a need to move away from isolated point defense systems like individual firewalls and intrusion detection systems, to a more comprehensive risk-management framework that weaves disparate security devices into a single, holistic\u00a0security 
fabric.\u00a0\u00a0<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10424,10378],"tags":[],"class_list":["post-10028","post","type-post","status-publish","format-standard","hentry","category-fortinet","category-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10028","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=10028"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10028\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=10028"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=10028"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=10028"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}