Threat Modeling: Protecting Security Infrastructures in 2019

A pressing challenge throughout 2019 is that cybersecurity professionals must manage industry shifts while they protect security infrastructures. These industry trends and issues are compounded by a lack of visibility into the location and security of data inventories. Many IT managers lack insight into their inventory, often failing to create complete lists of all inventory sources. When data resides outside the data center, they’re especially anxious about the related risks. Thankfully, service providers are working hard to improve protections against breaches and other risks while increasing transparency about where data is secured.

Within the challenges facing the cybersecurity industry in 2019, there’s room for opportunity. Companies that want to navigate this landscape must embrace proactive security processes. Here are some of the most urgent and impactful issues and some mitigation strategies:

Moving to the Cloud

Transitions to the cloud are occurring en masse. However, the move is paved with challenges, especially because the cloud represents an unfamiliar infrastructure. IT teams that used to exert complete control over in-house data must now give up control and trust cloud providers. They need to examine the cloud provider’s methods for storage and transmission of data, and be certain they’re comfortable with overall data governance. Another challenge is estimating the costs of cloud environments. They’re on-demand resources, which is great for flexibility, but challenging for cost estimations when data usage is scaling up or down rapidly.

Most organizations see benefits outweighing the challenges when it’s time to move inventory to the cloud. Inventory management is significantly easier in cloud-native architectures. This is the ideal environment for building software applications, where the team gets maximum benefit from a cloud computing model. Security is also improved with the cloud, and of course is a primary reason for moving. Providers can install patches and updates dynamically with no downtime—no more risk of operational delays due to manual updates of on-premises infrastructure. Cloud providers are also more adept at DDoS prevention because they’ve been targeted numerous times and have the technology and expertise in place to mitigate such threats. And the cloud is, of course, not on-site and backed up with multiple redundancies, which removes the threats of natural disasters.

Modeling Threats Proactively

New attack vectors will emerge in 2019. Use of AI and machine learning tools will enable bad actors to increase the sophistication and reach of their attacks. They’ll pair these types of intrusions with more traditional attacks such as DDoS and ransomware to produce a deluge of issues for companies of any size.

Traditional threat management is fundamentally reactive. Firms put up a firewall and employ anti-virus, but they lack insight into a true enterprise-level view of the cloud or their own network. The threats have evolved, yet the industry remains stuck in an outdated model for threat management. They might engage in processes such as penetration testing to spot issues and fix them, but they aren’t catching these problems on the front end. And the pressure of being “first to market” means even if these problems are known, they might not be addressed until the next release. So these firms continue to use scanning and testing tools, but they’re still hacked. Preventing this faulty dynamic requires a more proactive approach using threat modeling to fix problems in the development stage.

By utilizing advanced threat modeling tools, companies are able to spot entry points and attack paths before the infrastructure is built. Once the problem is identified, the fixes are pretty straightforward. Threat modeling tools are now an ideal choice due to market maturity. They’re simply much more robust and easier to use, and are suitable for both small companies and the Fortune 500 crowd. The best threat modeling processes are instantly scalable and provide automated tools that work intuitively and quickly.

Running Short on Talent

A recent Gartner report dives into the talent shortage for cybersecurity and suggests firms will employ a much leaner approach to staffing. Qualified staff remain in very short supply despite the ongoing demand and the promotion of cybersecurity at universities.

“Digital business has changed the risk landscape permanently. Even in the unlikely case that there are no resource constraints, scaling up a centralized cybersecurity function as more and more threats emerge isn’t necessarily the best way to protect organizations,” said Gartner Fellow and Research Vice President Tom Scholtz. He and the Gartner report suggest a new approach is needed to combat sophisticated threats, instead of simply adding more staff resources.

To secure infrastructures, cybersecurity professionals need automation tools that can spot threats without manual operation. It’s a scale problem. The breadth of new threats coming out is so massive that people cannot keep up. Even the most knowledgeable security professional cannot manage all the threats. They need automation to spot any threats throughout the infrastructure. People are still required to understand broader trends and implement strategy as well as know how to pick the most impactful technology tools.

As we enter the 2020s, what does the future hold for cybersecurity? Quantum computing is coming, bringing with it opportunities for both bad actors and the enterprise. More processing power and improved automation will allow hackers to launch multiple attack vectors and threats. AI will also change the game as intelligent threats emerge that can dynamically spot potential attack paths and effectively learn from their mistakes. Preventing these attacks will require security teams to fully embrace automation tools such as threat modeling and adjust their mindsets to a proactive whole-infrastructure approach.

Anurag Agarwal

Anurag “Archie” Agarwal, CSSIP, is the Founder & CEO of ThreatModeler Software. With more than 20 years of real-world experience in threat and risk analysis, Anurag has been instrumental in successfully implementing SDLC and enterprise solutions, helping Fortune 1000 companies minimize their exposure to cyber threats and mitigate risks. Before founding ThreatModeler, he was the Director of Education Services at White Hat Security. Anurag observed how traditional application SDLC processes do not account for security threats until software is well into the development path. Based on his technical knowledge, as well as hands-on work in application security, Anurag conceived an approach that enables companies to predict and manage cyber threats to their applications, information, and infrastructures. The concept was refined with industry feedback, and the first version of ThreatModeler™ was released in 2011. The platform matured, leading to the release of the Enterprise Version in 2013.