CDM Media Virtual Summit Explores How IT and Data Security Leaders Prepare for the Unexpected While Assuring Business Continuity.
While Covid-19 has forced IT to reimagine how work gets done, it hasn’t diminished the pace of change and thirst for direction in the constantly shifting IT landscape, particularly when it comes to cybersecurity.
That was evident at a recent CDM Media West Virtual Summit, where industry experts and top practitioners gathered to discuss, among other things, security trends, the need to think creatively about new architectures, and how to drive innovation.
With organizations already facing increased risks because of digital transformation efforts – which have expanded the attack surface, added complexity and introduced new compliance concerns – Covid-19 has upped the ante, says Renee Tarun, Deputy CISO of Fortinet. Organizations have had to vastly scale their remote workforces and secure all of those connections and devices. And this at a time when bad actors are using AI to churn out zero-day attacks.
Of course, technology alone isn’t the answer to any security challenge, she says. You need to address: people (build a culture where everyone sees they have a role to play); process (so it is clear what assets you have and how they are protected, and have policies and procedures in place before anything happens); and tech (automating what you can to free up experts to focus on higher order challenges and leveraging convergence – say, of the NOC/SOC – instead of fighting it).
The migration to cloud also continues to complicate the security picture, says Brian Johnson, SVP of the Cloud Security Practice at DivvyCloud by Rapid7. While cloud adoption simplifies aspects of IT and helps drive innovation, it also introduces complexity and problems you didn’t have to deal with before.
When cloud is adopted, he says, the asset count explodes (more server instances and resources such as load balancers to manage), many more people are touching these resources, and the resources change far more often. “It becomes a giant noise problem,” Johnson says. You need to automate away the noise to focus on the signal.
Given the problem is exasperated with multi-cloud, he argues enterprises need to adopt a unified data model and build Cloud Security Centers of Excellence to bring together diverse teams to expediate learnings.
Tony Bishop, SVP, Growth Platform & Marketing at Digital Realty, was also calling for adoption of a new model at the Summit, a data-centered architecture.
Data has gravity, Bishop says, because once it is created it gets processed through various interactions and transactions, then it is aggregated and exchanged, then analyzed and enriched, then re-aggregated and exchanged, etc. That makes data hard to move and stresses the common practice today of backhauling data to a central location.
This practice is increasingly untenable given data often needs to be local for regulation purposes, and needs to be integrated with other data, some of which is on premise or in the cloud. A better approach, Bishop argues, is to adopt a data-centered architecture: create data exchange centers at points of presence around the world and bring users and cloud services to those centers.
Jose Gomez, Sales Engineering Manager at Imperva, has a different take. He says with the threats today you need to be able to safeguard the edge against things like DDoS attacks, your apps with tools like Web application firewalls and runtime protections, and the data itself using database activity monitors and other tools.
“Everything needs to work together to protect all paths to the data,” he says. “Whether those threats come from the outside or are insider threats, and regardless of where the data resides, on premise or in the cloud.” Ideally you want user-to-data tracking, the ability to know where your data is, who is accessing what apps and what data, and where your data goes.
Even problems IT has already “solved” are surfacing anew. Consider BYOD. Researchers forecast that within 5 years 30% of enterprises will need to enhance their BYOD policies as workers show up with wearable technologies, personal applications and even IOT devices such as smart speakers, says Nemi George, VP, Information Security Officer at Pacific Dental Services.
Security professionals are trained to block, stop and control, he says. “We have to reinvent ourselves so we’re in a position to support what the workforce demands.”
Besides the usual considerations around privacy and support, smart watches raise simple questions about a user’s willingness to enter 6-digit passwords, say nothing about compliance questions for devices that collect health information. How will your policy scale across these new use cases?
George believes BYOx will require a shift away from perimeter defenses to a zero-trust model where every connection requires validation of the user and device ID.
Ultimately, however, the industry has to confront the elephant in the room: Traditional security can’t keep up. There are too many tools, too many alerts, too much complexity and too few experts, says Chris Bontempo, IBM Security Marketing Leader.
The industry has to get behind Open Source efforts to build a sustainable security platform that simplifies and accelerates enterprise security efforts and promotes cooperation among practitioners and among industry suppliers, he says. The goal is to build a more unified approach that spans tools and teams and enables work to get done faster.
Many open source security projects are already underway, including work on standards to facilitate interoperability of tools, development of new code to address gaps in commercial products, and in areas such as intelligence and analytics. One project, called STIX Shifter, is designed to translate security queries into queries native to multiple tools and then translate the responses to present an integrated view of indicators of compromise.
Ideally suppliers could eventually integrate their wares using open source constructs and save enterprises from that difficult job.
The problem with many of the innovations discussed is getting there from here. Change is daunting, and with cloud, the internal IT team is no longer the only game in town. To compete, says Charles Nelles, VP Global Infrastructure at American Express Global Business Travel, IT has to offer the same performance and functionality at similar costs, AND, most importantly, high value to the customer. In other words, deliver the “cool” factor.
That’s hard because technical debt and complexity slows down decision making. But shifting the mindset can help when you’re pursuing innovation, Nelles says. He recommends the new island approach. Instead of trying to change the minds of people on your island, create a new island and invite along people that are excited about being part of something new.
Juan Orlandini, Chief Architect, Insight Cloud & Data Center Transformation, Insight, concurs, saying change is better in small bites. He gives the example of rethinking IT operations to support development teams focused on innovation. “You need to start with a small project where you can show meaningful change,” Orlandini says. “Then do quick short sprints to show the project is real and that will help change people’s minds.”
Many organizations have taken the new island approach with digital transformation efforts, which are typically focused on rethinking how to best serve customers.
These efforts are critical because customers today hold all the power, says John Murphy, Enterprise Account Executive at Freshworks. If customers get frustrated, they can use social media to sink you. That power enables them to demand exceptional service, meaning enterprises can no longer just offer a call service and call it a day.
If you want to create customers for life you need to be able to engage with customers everywhere (phone, email, chat, bots, social media, etc.), predict their needs (suggest other things they might want/need), and be able to consider the context of their query to make your engagements more meaningful, Murphy says.
To win, you need to be able to create a centralized customer record that draws in every customer interaction — from sales calls to social media mentions, support calls, email queries, etc. – and then leverage AI to help customers help themselves or help your agents help them better.
While Covid-19 has imposed a new normal on IT work practices, the discussion at CDM Media’s West Virtual Summit made it clear that it is still business as usual, with practitioners trying to harness the latest advances to protect their organizations and find new ways to drive business innovation.