The recent Marriott breach –just after the Equifax incident– showed that traditional approaches to security aren’t working. Cliche? Maybe – unless you’re on the security teams having to deal with the aftermath of these breaches. Why do gaps keep appearing year after year?
The reason is simple (though the solution isn’t). Gaps appear because IT Infrastructure keeps changing in perpetuity. For example, consider these recent, major changes in our computing landscape:
- Endpoints became closer and more mobile. Antivirus was status quo for years but it stopped working which gave birth to Endpoint Detection and Response (EDR).
- Enterprise perimeter evolved with the onset of SaaS. In turn, the industry gave us cloud access security brokers (CASB).
Where is the next major shift going to happen? In the data center. In the past, the data center was a walled garden in a confined and specific physical location. It has now dispersed across a multi-cloud infrastructure. The data center has become virtualized in the multi-cloud and all over the place.
SEE ALSO: How data science can answer cybersecurity challenges
The numbers speak for themselves. Misconfiguration is *the* major contributor to breaches and other security flaws in the cloud. According to IBM, bad configuration jumped by 424%, accounting for nearly 70% of compromised records over the year. Not surprisingly, this has slowed cloud adoption. Computing Cloud Review 2018 noted that 86% of organizations cite data breaches and loss as the primary reason they hesitate to adopt the cloud. But the cloud is a freight train few can stop. By 2020, Gartner predicts 75% of organizations will have deployed a multi-cloud or hybrid cloud model for their IT needs.
So let’s take a serious look into what gaps need to be overcome in order to properly move security to the next level:
- Gap #1: Security is too complex and overly reliant on a chokepoint mentality. Conventional security technology focuses on containment to produce restrictions, bottlenecks, and chokepoints. In the past, data and infrastructure were contained and controlled in discrete environments due to the fear of loss and compromise. With the advent of cloud architectures and the focus on reduction of containable environments, that got screwed up. Many of our old security toys became obsolete. Worst of all, while IT enjoys the benefits of cloud computing—speed and scale—security, by contrast, gets sluggish and bloated.
- Gap #2: The cloud is making security harder. In the good old days, security only had to secure a fixed set of physical data centers. It was a chess game having to protect data within an infrastructure. Now, with part of the infrastructure having been virtualized, other parts in bare metal and then other components in AWS/Azure, the chess game has become three dimensional (do a search on “Star Trek 3d chess” and you’ll see what I mean).
What will security need in the future to deal with an ever-evolving infrastructure? We call it Elastic Security – an approach that accepts that infrastructure will shift constantly. Your technology should close the loop between visibility and relevant security policy then instantly build the controls to make the appropriate. Organizations need an elastic approach that applies and expands security controls at will, dynamically, intelligently and with complete automation. By taking an Elastic approach to security, businesses can embrace the promise of cloud speed and scale without undercutting protection. This allows organizations to:
- Gain pervasive insight into applications and data across cloud deployments.
- Automatically and autonomously apply security intention no matter where data and applications are or where they go
- Scale to adjust in and out with dynamic environmental shifts.
The post Gaps in traditional security – Why do gaps keep appearing year after year? appeared first on JAXenter.
Source : JAXenter
