Unlock the True Potential of Digital Transformation
The day kicked off with Ruvi Kitov, Tufin CEO, discussing how network access – who can talk to whom, what can talk to what on the network – is fundamental to the security of an organization.
Enterprises are rapidly adopting cloud and IoT, resulting in complex, fragmented networks and a huge attack surface. In response, enterprises continue to implement additional firewalls and security measures; however, most lack effective, comprehensive and automated policy management.
Ruvi told the audience: “If you haven’t automated yet, you’re using a manual approach. If you’re using a manual approach, you cannot address today’s challenges.”:
- Increasing frequency and sophistication of cyberattacks
- Fragmentation of networks
- Accelerated pace of application development
- The need for continuous compliance with industry regulations
Your security is only as good as the policy you define and configure. Cybersecurity and network ops require a new approach to security – a policy-centric approach with automation at its core. This approach allows enterprises to:
- Balance agility and security
- Implement security changes in minutes instead of days with greater accuracy
- Reduce complexity of managing hybrid and fragmented networks
- Ensure continuous compliance with inudstry standards
This policy-centric approach lets enterprises unlock the true potential of digital transformation by enabling them to make changes in minutes instead of days.
“There are no hackers; there are only spies”
Next up, Tufin welcomed cybersecurity keynote speaker and bestselling author Eric O’Neill. Eric is known for his involvement in capturing the most notorious spy in United States history, Robert Hanssen, in February 2001.
During his talk, Eric argues that hacking is the necessary evolution of espionage where digital assets replace physical documents. Data on the internet is the currency of the modern world, and no one – and no organization – is immune to being hacked. Eric points back to the WannaCry ransomware attack which he calls the “first cyber pandemic” and transformed cybercriminals into “big game hunters.” He encouraged the audience to hunt the threat before the threat hunts us; if we’re always reacting to the threat, we’ve already lost.
Eric wrapped up his talk by detailing how he was able to catch Robert Hanssen with a simple, human tactic: knowing his routine.
Transformation, Innovation and Automation
Capping off the morning, we heard from Tufin CTO Reuven Harrison. According to Reuven, in IT security today, change is the only constant. Because of the constant change, it’s understandable that applying the principle of least privilege is ideal: allow what is necessary for the business; deny everything else. This is easier said than done. Today, the most widely accepted approach to keeping up with this contact change is through automation.
But with the adoption of cloud, change isn’t just constant; it’s accelerating. In a cloud environment, change is happening all the time as a regular course of action. How do you deal with this accelerated rate of change? And how do you use security policies to manage environments that use containers and microservices within the cloud context?
In Reuven’s experience, when he speaks to developers, they generally don’t care about security. They want to be secure, but it’s not what they’re measured by. They’re measured by their ability to deliver functionality. On the other hand, security teams are tasked with keeping the organization secure, and interfacing with development teams isn’t a priority for them.
There needs to be a way to bridge these two teams and prioritize both speed and security. Reuven then talked about the need to embed security into the CI/CD toolchain, and how Tufin’s latest solutions, Tufin Orca and Tufin Iris, address this need.
Customer Case Studies and Implementations
Other highlights from the day include the customer case study presentation and customer panel. During these sessions, we heard about the benefits that users are seeing with their Tufin Orchestration Suite deployments. One customer reported a 66% decrease in the time it takes him to process a change request, breaking the backlog that his team was experiencing. Other customers discussed their automation projects and how they are getting closer to automating as many network change requests as possible, as well as how they plan to adopt and implement Tufin’s latest solutions, Iris and Orca.
Speaking of which, the panel ended with a discussion around how the panelists are currently working with DevOps teams in their organizations. One customer left us with this question: How can security be a value-add – instead of a roadblock – to DevOps teams?
We ended the day by recognizing the top performing partners during the partner awards ceremony. Congratulations to our top partners:
- Access IT: Super-Regional Partner of the Year
- G2 Deployment: Services Delivery Partner of the Year
- Presidio: Hunter of the Year
- World Wide Technology: Partner of the Year
Stay tuned for more highlights from the second day of the conference and be sure to follow #Tufinnovate for updates from the show.
*** This is a Security Bloggers Network syndicated blog from Tufin - Cybersecurity & Agility with Network Security Policy Orchestration authored by Susan Rivera. Read the original post at: https://www.tufin.com/node/2414