I assume—or at least hope—that it won’t come as a surprise to you that effective cybersecurity is challenging. I mean, if it were easy, we would have found a better solution by now and we wouldn’t have weekly data breaches from companies that perpetually invest significant amounts of money chasing their tails with the same technologies. As technology evolves, though, it is becoming more and more difficult to even know where your network is and what is connected to it, which makes “challenging” seem a bit understated.
Cybersecurity Is a Moving Target
There are a variety of factors involved in security—identity and access management, vulnerability management, patching and updating, etc. As I noted recently on Forbes, “One of the simplest truths of cybersecurity is that you can’t protect what you can’t see. Without an accurate inventory of every asset and service connected to the network, it’s not possible to discover vulnerabilities, identify configuration or other security issues, or detect suspicious or malicious activity on them.”
Today’s networks are dynamic. The days of relatively static network environments housed safely within a tightly-controlled on-premise data center are long gone. They’ve been replaced by volatile hybrid and multi-cloud architectures built on DevOps and containers. The network, and the assets that need protecting, are constantly changing and shifting.
Think of it like a house. It is relatively simple to make sure the doors and windows are locked to protect the house. Now, imagine that new doors and windows—sometimes thousands at a time—can appear or disappear at any given moment, and the house is actually an RV driving down the highway at 70 miles per hour. When you add complexity and volatility, it is much more difficult to know what the network looks like from one minute to the next, and if you don’t know what it looks like and what’s connected to it, you can’t effectively protect it.
Comprehensive Visibility and Streamlined Security
Phillippe Courtot, founder and CEO of Qualys, recently told me, “The issue you have today is because we have entered into a changing IT world where everything connects with almost everything. The old security techniques—segmentation, VPN, firewall, DLP—all of these solutions you are piling on no longer work because the environment is so diverse and spread out. None of these solutions are designed for that. That also underscores why we have so many data breaches–because the tools are not equipped to provide effective defense.”
One of the most important elements of effective security is comprehensive visibility. That has always been true, but—as illustrated above—it is more challenging now. A dynamic cloud-based environment needs a cloud-based tool that has the agility and scalability to keep up with the rapidly-changing ecosystem.
Visibility is an important step—but it’s only the first step. Once you have an accurate picture—in real-time—of the servers, applications, services, and data on your network, you also need a security platform that can scale and keep up to provide a streamlined understanding of your security posture, along with the information and context you need to prioritize and address any issues that are identified.
*** This is a Security Bloggers Network syndicated blog from Security – TechSpective authored by Tony Bradley. Read the original post at: https://techspective.net/2019/04/17/you-cant-protect-what-you-cant-see/