It’s no secret that organisations are spending more money than ever on security. Despite this, the only things outpacing increasing security spending are the losses due to security breaches. Ian Jansen van Rensburg from VMware EMEA tells us how businesses can best respond to today’s security landscape.
Business models keep transforming, people and devices are becoming increasingly connected, and organisations are now straddling both physical and digital worlds. To remain competitive, many are also having to push boundaries with new technologies, from IoT to machine learning to full-blown artificial intelligence. This presents a more complex and extended environment than ever before, with more potential vulnerabilities, which many businesses are struggling to secure.
But what approach should be taken in response to these new and emerging needs? How can organisations ensure the security and compliance of data while also enabling innovation?
I’d like to make three key observations:
There is no definable perimeter any more
Security, since time began, has focused on securing the ‘perimeter’ – everything from moats in castles to locks on the front door and, in the modern world, CCTV and firewalls. Within today’s world of business, however, digital transformation has resulted in dynamic environments with geographically dispersed employees, using many different devices with pretty well universal mobility. In this context, we need to ask what is the IT equivalent of the moat? What should an organisation actually be trying to protect in this brave new world?
The traditional approach to security needs be turned ‘inside out’. Perimeter-centric network security cannot be expected to protect the ever-shifting footprint of applications and users when you can’t define where the ‘perimeter’ is, or even if there is one at all.
We need to overhaul the basic concept of IT security, inserting it as an intrinsic quality throughout the infrastructure, rather than only at its edge. Businesses can achieve this by leveraging common software layers such as the hypervisor for application infrastructure and an enterprise mobility management platform for endpoints and user identity.
Security inserted here, by definition, touches all elements of the – apps, data, users, devices, storage, the network – delivering protection everywhere, maximising visibility and context of the interaction between users and applications, and better aligning security controls and policies to the applications they are protecting. This is where the vulnerabilities now lie, and in the modern world of mobile, distributed IT, this is what needs safeguarding.
There is a greater risk of fragmented IT ownership than ever before
If external company perimeters have all but dissolved, internal perimeters are also changing with regards to the ownership of IT and security. Cloud computing is giving users across the business direct, rapid access to data, applications and services, when they want it, regardless of where they are and what devices they’re using.
However, as lines of business and employees take increasing ownership of the technology they use, it’s becoming increasingly difficult to get any real visibility of IT within organisations, meaning that businesses can easily lose control. Our research shows 73% of IT staff and 64% of business users agree this is making it more difficult to keep the company secure from cyber-attacks, with 53% believing it’s caused a clear lack of ownership and responsibility for IT and 49% that it is resulting in the purchasing of non-secure solutions.
The movement of traditional silos between IT and the business is shifting roles and responsibilities, but this cannot be allowed to result in a lack of clarity over who ‘owns’ security and compliance. IT must be empowered to manage this operational ownership while also providing the flexibility for other lines of business to drive innovation. This requires a single, unified platform wherein businesses can run, manage, connect and secure applications, across devices – and clouds – and from which IT can manage it all with a single view.
What IT is today, won’t be what IT looks like tomorrow
The way we develop, manage and consume IT is constantly changing. So how do you know what this landscape will look like tomorrow, let alone secure it?
Gone are the days of predictability – agility, flexibility and scalability are required to be able to manage and secure IT within a modern organisation. If companies cannot implement security at the speed of the business then security becomes an inhibitor for progress and innovation, rather than an enabler.
This ‘future-proofing’ of IT security requires another shift in our thinking. Traditionally, most security is about searching for ‘bad’ – monitoring the entire infrastructure continuously for malware, and for breaches in general. The problem with this approach is that it relies on knowing what ‘bad’ looks like – in a world where most emerging threats are so-called ‘zero-day’ attacks that have never been seen before, a decreasing level of effectiveness should hardly come as a surprise.
The changing nature of the threat landscape, combined with the accelerating pace and complexity of business clearly demands another solution – less trying to chase the unknown ‘bad’, and more ensuring that only the known ‘good’ is executed.
Our brand new VMware AppDefense technology, for example, captures what the desired ‘good’ state of an application looks like. Once this is known, any deviation from ‘good’ can be flagged and a defined action taken. AppDefense carries out this monitoring in continuous real time, immediately detecting when anything deviates from ‘good’ – before triggering an automated response, whether that be suspension, blocking, quarantining of the virtual machine or more.
This contextual intelligence and automation removes the guesswork involved in determining which changes are legitimate and which are real threats – it’s the only way security can keep pace with the rest of the business and implement a ‘security-everywhere’ strategy.
These observations and developments all point towards one thing: the need to establish a common source of truth between a security solution and the environment that needs protection. The environment will keep evolving – innovation and transformation are only going to accelerate and become even more radical. But with this ‘truth’ – stemming from greater visibility and an increased understanding of context – businesses will be better able to make sense of their increasingly fragmented and complex IT footprints to offer protection at the speed that’s required – to secure, enable and innovate, in order to remain competitive and to drive ever-improving performance.