Johannesburg, 18 Aug 2020
One of the most significant obstacles when it comes to having an effective cyber security strategy is that traditional approaches are too reliant on endpoint solutions. By focusing on trying to safeguard the business at the perimeter, companies will always be reacting to attacks. But there is another way – one that looks at security as "intrinsic to the organisational infrastructure".
“With the worldwide market size for software-defined networking (SDN) expected to grow to almost $14 billion by the end of 2021 from the less than $8 billion of 2018, there are signs that businesses are starting to think differently about how they manage their physical networks. A natural part of this is its security, with the realisation that what worked before is no longer adequate for a digital environment,” says Chantal Voges, VMware Business Development Manager at Comstor.
Growing complexity
Many companies typically implement security measures as add-ons after the network has been put in place and applications have been installed. But such a ‘security later’ mindset will only result in more security features having to be implemented as the company grows. And, as these accumulate, it becomes more challenging to ensure that all the possible entry points into the network remain protected. This is especially the case with the rise of edge computing and Internet of things devices gathering and submitting information from a plethora of data points.
“Security, like so many IT processes, has been compartmentalised at businesses. All aspects of defence are pigeonholed in their own pockets. For example, the firewall has a specific responsibility as does anti-virus, desktop services, and so on. But very few organisations have a unified view of how effectively their environment is protected and where gaps exist.”
Gaining insight
This leads to another problem around how cyber security is done today – companies cannot manage what they do not understand. By not being fully aware of their entire IT ecosystem, how can organisations hope to effectively keep data safe? This encompasses everything from the network and data to the applications and supporting infrastructure being used.
“Ultimately, cyber security must be aligned to the applications, data and infrastructure of the business. It must be intrinsic to everything the organisation does. This has become even more imperative in a cloud-driven world where multiple environments are used for different things. An intrinsic approach ensures that whether it is the cloud, the network, applications, or even the workplace, everything aligns to an integrated whole,” adds Voges.
A new way
By virtualising cyber security in this way, companies can gain a deeper understanding of not only their applications, data and network environment, but also on all its cyber security elements. So, instead of having security as an add-on, it is integrated into all aspects of the business.
“This will not only result in fewer security solutions, but will also see companies becoming more proactive in how threats are managed. By detecting anomalies using automated actions that are built into the environment, decision-makers can remain more focused on delivering on their strategic mandate. Ironically enough, having security intrinsic to everything the company does reduces the attack surface as most elements of the company will have built-in protection,” says Voges.
In this environment, it is all about simplifyingsecurity and leveraging existing infrastructure to inject an intrinsic component to cyber defence. Removing the legacy model and the need to continually be reactive will unlock a more robust cyber security environment, perfectly positioned for the needs of a connected, digital landscape.
Share