Dell Technologies announced it will open a zero-trust Center of Excellence next spring in collaboration with CyberPoint International and the Maryland Innovation Security Institute (MISI) at the U.S. Cyber Command’s DreamPort facility in Columbia, Maryland.
The goal is to provide organizations with a secure data center to validate repeatable zero-trust blueprints based on the Zero Trust Reference Architecture created by the U.S. Department of Defense (DoD).
In addition, Dell promised to transform how cybersecurity technologies are consumed via a set of services based on endpoint security platforms it has developed to enable zero-trust security. Those services will be rolled out in the months ahead, Dell said.
Dell Global CTO John Roese said the current state of cybersecurity is a mess. Most of the cybersecurity platforms employed today are reactive in the sense that they are designed to enable organizations to recover from an attack rather than prevent one, he noted.
As such, there is a chronic need for a different architectural approach that will enable organizations to consume cybersecurity technologies as a service rather than requiring organizations to dedicate teams to managing security operations, said Roese. At the core of that approach is a unified control plane that Dell is building to manage all aspects of security, including data protection in the cloud and on-premises IT environments and to combat ransomware, which reduces the current level of friction organizations currently encounter, he added.
It’s not clear how far organizations will shift toward consuming cybersecurity technologies as a service, but as attacks continue to increase in volume and sophistication, it is apparent cybersecurity teams are struggling to keep pace. Of course, various types of managed security services have been available for years, but most organizations still rely on internal IT and security operations teams to manage security platforms. Dell is making a case for an emerging as-a-service approach to managing IT—and now, security—through which it manages infrastructure on behalf of customers.
Rather than completely outsourcing IT and security operations, that approach enables internal teams to co-manage IT environments alongside the vendor that built the IT management platforms. In theory, that strategy then enables organizations to devote more resources to managing and securing application environments.
Dell already provides cybersecurity advisory services to help organizations implement zero-trust security alongside a vulnerability management service. Through that service, Dell cybersecurity teams regularly scan customer environments for vulnerabilities. Dell also makes it possible to disable PC ports prior to shipment to help prevent tampering with BIOS settings and provides tamper-evident seals on its platforms. Dell has also integrated its PC BIOS with the Microsoft Intune management platform to provide additional telemetry.
Each organization will need to decide for themselves to what degree they may want to rely on one vendor to provide security services. Given the chronic shortage of cybersecurity expertise, there is already no doubt most organizations will need to rely on external help, at least to some degree, to secure increasingly complex IT environments.