Change is the Enemy of Security Operations. How Can You Embrace Change?
May 17, 2017
In this third blog of the series on networking essentials for the future (Automated, Open, Secure, and High Performance), I look at the necessity of being secure.
Most businesses have come to know that they need to keep data and systems secure. So why is cybersecurity such a hot topic right now?
In my view, it is due to the increased value of data and the consequent risk from it being exposed. There are two types of data to consider:
First, your own internal data. This can be financial information, trade secrets or intellectual property. All of these are valuable and historically have been most effectively protected by businesses, if only because this type of data has been important to businesses before it became digital data. Thirty years ago, it would likely have been stored in a safe with a thick metal door.
Second, the data you hold about your customers. Over the last few years the amount of data held by businesses about their customers, and the value of this data, have grown exponentially. This has been driven by the move to digital services, but also by the drastic reduction in the costs to store, process, and analyse these mountains of data.
The increased importance of customer data is reflected in the upcoming GDPR, which will come into force in May 2018. For large businesses, a failure to comply with the best practices set out in GDPR could lead to fines of €20m or 4% of revenue. These fines could have significant financial implications for many businesses.
As I said earlier, all businesses know that they need to keep data secure. The number of high profile breaches illustrates that this is easier said than done. How can cybersecurity be so difficult?
I believe that it all comes down to a simple challenge. Any change in the IT environment will lead to a potential security risk. Yet all businesses have to innovate faster and faster using IT to keep up with the demands of their customers and to maintain market share.
How do you overcome this challenge? There are two important things to consider. First, a simple system is always going to be easier to secure than a complex one. Second, people are prone to errors and have a limited number of hours they can work each day. To ensure a secure environment in a time of innovation, you need to stay focused on simplifying the overall system and maximising the use of automation.
In addition to the challenge above, businesses also need to protect against new software vulnerabilities and zero-day threats that are being exposed. The best way to do this is to make sure that all devices have the latest protection software updates as soon as possible.
The network is the conduit for all of these threats and is a critical point in the cybersecurity defences of any business. Historically, network security has been about building a secure perimeter to keep the bad guys away from the data and the good guys on the internal network.
“One should assume that an internal network is as fraught with danger as the public internet.”
But this model is fundamentally broken. Attacks are getting into the corporate network via many vectors such as USB keys, phishing emails to personal accounts, social media and compromised personal devices. The network needs to proactively identify issues and isolate them – all fully automated and in real time.
The first network essential that I blogged about was automation, and automation is also critical to network security. Businesses typically spend 80% of their time ‘keeping the lights on’, which means your security team is spending too much of its time updating software and applying policies that already exist and not enough time combatting future threats. You need to get it right 100% of the time - the bad guys only need to succeed once.
I believe automation is the only way to scale network security effectively as the complexity inevitably increases.
Borrowing a theme from my previous blogs in this series, I would define a network with a score of 10 out of 10 for being secure as one where:
- You are protected against 100% of the known threats in the industry:
  - In all parts of your network
  - On all devices, both corporate owned and employee owned
  - Incorporating threat intelligence from multiple sources – not just a single vendor
- 100% of your devices have the latest software to help mitigate zero-day attacks
- 100% of day-to-day tasks are automated
This is a high bar to set, and even this will not be infallible against the most determined hackers. But such a network will lay the best possible foundations for being a secure network.
As I finish this blog, I have a few questions for you:
- How would you score your own network on a scale of 1 to 10 for security?
- Where would you like to be in 2-3 years’ time?
- What are the immediate next steps you would like to take to close your secure networking gap?
If you want to learn more about what Juniper is delivering for secure networks, check out some of the links below: