SBN

RSAC insights: Security platforms arise to help companies discover, assess and mitigate cyber risks

Pity the poor CISO at any enterprise you care to name.

Related: The rise of ‘XDR’

As their organizations migrate deeper into an intensively interconnected digital ecosystem, CISOs must deal with cyber attacks raining down on all fronts. Many are working with siloed security products from another era that serve as mere speed bumps. Meanwhile, security teams are stretched thin and on a fast track to burn out.

Help is on the way. At RSA Conference 2022, which opened today in San Francisco, new security frameworks and advanced, cloud-centric security technologies will be in the spotlight. The overarching theme is to help CISOs gain a clear view of all cyber assets, be able to wisely triage exposures and then also become proficient at swiftly mitigating inevitable breaches.

Easier said than done, of course. I had the chance to discuss this with Lori Smith, director of product marketing at Trend Micro. With $1.7 billion in annual revenue and 7,000 employees, Trend Micro is a prominent leader in the unfolding shift towards a more holistic approach to enterprise security, one that’s a much better fit for the digital age. For a full drill down on our discussion, please give the accompanying podcast a listen. Here are key takeaways.

Beyond silos

It was only a few short years ago that BYOD and Shadow IT exposures were the hot topics at RSA. Employees using their personally-owned smartphones to upload cool new apps presented a nightmare for security teams.

Fast forward to today. Enterprises are driving towards a dramatically scaled-up and increasingly interconnected digital ecosystem. The attack surface of company networks has expanded exponentially, and fresh security gaps are popping up everywhere.

What’s more, the rapid rise of a remote workforce, in the wake of Covid 19, has only served to accelerate cloud migration, as well as scale up the attendant network exposures. Unmanaged smartphones and laptops, misconfigured Software as a Service (SaaS) apps, unsecured Internet access present more of an enterprise risk than ever.

“The increased number of these cyber assets means that there’s more cyber assets that can potentially be vulnerable,” Smith says. “This opens up an even bigger and more profitable attack surface that cybercriminals are only too eager to target and exploit.”

Smith

In this hyperkinetic environment, a harried CISO needs to be able to visualize risk from a high level — as if it were moving in slow motion – and then make smart, strategic decisions. No single security solution now does this; there is no silver bullet. And the usual collection of security tools – firewall, endpoint detection, intrusion detection, SIEM, etc. – typically arranged as siloed layers to protect on-premise networks, falls short as well, Smith says.

See, assess, mitigate

In life, solving any complex challenge often comes down to going back to basics. Enterprises can head down several viable paths to start doing this, with respect to network security. Trend Micro is in the camp advocating that a more holistic security posture can be attained through securing three fundamental capabilities.

The first is the ability to see everything. Enterprises need to gain a crystal-clear view of every component of on-premises, private cloud and public cloud IT infrastructure, Smith says. This is not a snapshot; it’s more of a process of continuously discovering evolving tools, services and behaviors, she says.

Observes Smith: “This is about gaining visibility into all cyber assets, internal and external, and answering questions like, ‘What is my attack surface?’ and ‘How well can I see all the assets in my environment?’ ‘How many assets do I have?’ ‘What types?’ ‘What kinds of profiles do my assets have and how is that changing over time?’”

Discovering and continuously monitoring all cyber assets enables the second essential capability: doing strategic risk assessments to gain important insight into the status of their cyber risks and security posture. Need a roadmap? CISOs need only to follow the principles honed over the past 200 years by the property and casualty insurance industry.

It comes down to taking an informed approach to triaging cyber exposures, Smith says. Organizations need better insight in order to prioritize those actions that will help them reduce their risk the most. It helps identify the security controls that should be in place as appropriate for that cyber asset. For example, strong authentication and least privileged access should be essential for sensitive assets but may be unnecessary for benign assets.

The third capability has to do with mitigating risks. Data analytics and automation can very effectively be applied to dialing in the optimum mix of security and agility, at scale. “This is about applying the right controls,” Smith says. “Whether that’s automated remediation action using security playbooks or prioritizing and proactively implementing recommended actions to lower risk.”

Towards holistic security

It’s remarkable – and telling – that Trend Micro got its start in 1988 as the supplier of a siloed security product: antivirus software. The company has evolved to stay in step with the evolution of network architectures and a threat landscape in which threat actors always seem to operate several steps ahead of security teams.

Trend Micro One, its unified security platform, along with its XDR capabilities, represent the latest iteration of its product strategy. Consolidating native Trend Micro tools and services with partner solution integrations will help enterprises put aside their siloed defense mentality and achieve comprehensive security in a powerful way.

“For effective security, you must have protection, detection, and response in place,” Smith says. “And you must have that continuous attack surface discovery and risk assessment so that you are prioritizing your actions and optimizing your security controls appropriately . . . I think that’s why we’re seeing security platforms, in general, gaining traction; because today’s environment requires that holistic approach.”

The rise of security platforms optimized for modern networks is an encouraging development. It’s early; there’s more to come. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.


(LW provides consulting services to the vendors we cover.)

*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: https://www.lastwatchdog.com/rsac-insights-security-platforms-arise-to-help-companies-discover-assess-and-mitigate-cyber-risks/