Businesses across the globe are under attack.
As adversaries grow more determined and sophisticated, the cost of data breaches continues to soar, with the Ponemon Institute revealing that the global average cost of a data breach is $3.62 million.
Gartner predicts that, by 2021, more than a million Internet of Things devices will come online each hour. This proliferation of attack surfaces is giving threat actors more space to operate.
In such a dynamic threat environment, businesses need dependable security they can trust, says John Maynard, VP, EMEAR Security at Cisco, who will be presenting on 'An architectural approach to security', at the ITWeb Security Summit, to be held from 21 to 25 May, at Vodacom World, in Midrand.
Integrated architectural approach
Maynard says there is a key difference between an integrated approach to security, where multiple point products communicate via point-to-point connections through APIs, scripts and other such mechanisms, and an integrated architectural approach, where all of the components are designed to work together and natively share information.
He says, in an integrated architectural approach, a single 'source of truth' will provide consistent policies. "In the case of an integrated approach alone, each component has its own built-in policy definition."
See it once, protect everywhere
According to Maynard, an architectural approach uses a shared source of intelligence, meaning that if any of the components of the architecture sees a threat, the information is available to all the other components.
"The architectural approach allows us to 'see it once, protect everywhere'. Moreover, an architectural approach will generally use a common approach to management, with consistent management tools and a common look and feel for the user interface.
He says, in Cisco's case, an architectural approach also takes advantage of native security features from the network fabric and the data centre architecture. Policies defined centrally will be deployed across the elements of the architecture, and will also be enforced directly by the switching, routing and wireless infrastructure. The data centre will provide in-depth application-level visibility. None of this can be achieved if security is not architected into the IT system. Finally, documented public APIs, based on standards where applicable, allow IT managers to build on additional features as required.
Consistency is key
Consistency is essential to security, as threats will generally enter through the 'weaker link', Maynard adds.
"With an integrated approach, there's bound to be inconsistencies, so there will always be a weaker link. With an architectural approach, an update to a policy only has to happen in a single location. This allows rapid policy changes to contain threats the moment they are detected. A shared source of information allows for the correlation of indicators of compromise from multiple sources, lowering the risk of false positives."
In addition, a consistent user interface facilitates the management of the architecture, reducing risks of human error. "All of this pulled together also facilitates the automation of threat management, so that only the most important threats require human intervention. An added benefit is cost reduction, both in terms of deployment and operations," he adds.
Providing secure IT
Delegates attending Maynard's talk will learn about an architectural approach, as well as the tight integration with Cisco's network, data centre and collaboration architectures.
"We believe that security needs to be aligned with business objectives. Security is essential to allow for effective digitisation of our customers' business roadmaps. By building security into the IT system, we enable our customers to drive these new business initiatives effectively.
"Cisco's objective is to make IT environments secure. We don't just want to provide security, we want to provide secure IT," he concludes.
Share