The new security perimeter is in the cloud
The network perimeter is no longer where security stands or falls. Cloud security is the new frontline, using automation and analytics to optimise your security posture.
In a world undergoing rapid digital transformation, it should come as no surprise that the traditional security model is inadequate. With the rise of the cloud, the increasing use of software-defined wide area networks (SD-WANs) driving network transformation, and the Internet of Things (IoT) leading to an explosion of devices that do not accept traditional endpoint protection technologies, the perimeter has clearly shifted.
Moreover, the situation has been exacerbated by the COVID-19-inspired lockdowns across the globe, which have led to a massive uptick in people working from home. As the number of remote workers grows, more people are accessing company resources via the cloud. The underlying premise is that in this new world of work, we need to be sure people who are working remotely are safe and secure. To this end, security in the cloud is a clear answer to these new challenges.
According to Dean Wolson, Country Manager – Africa at Infoblox, what modern organisations need is a scalable, simple and automated security solution that protects the entire network without the need to deploy or manage additional infrastructure.
“It is important that the solution is one that strengthens and optimises your security posture from the foundation up, something that not only secures your existing networks, but also digital imperatives like SD-WAN, IoT and the cloud,” says Wolson.
“In today’s world of multiple attack vectors, you need rich network and threat contexts, delivered by an effective security orchestration, automation and response (SOAR) solution. In this way, you can optimise the performance of the entire security ecosystem and reduce your total cost of enterprise threat defence.”
Obviously, he continues, a future-proof security model will encompass ways to detect and block exploits, phishing, ransomware and other modern malware, as well as to identify malware propagation and lateral movement through east-west traffic monitoring. More than this, though, it needs to also be capable of restricting user access to certain Web content categories, tracking activity and preventing data exfiltration techniques by utilising analytics and machine learning.
“Security-in-the-cloud solutions must also be able to accelerate investigations into potential breaches and streamline threat hunting, while maximising security operations centre efficiency and reducing incident response time. Further, they should ideally block malicious activity automatically and provide the threat data to your organisation’s entire security ecosystem for investigation, quarantine and remediation.”
“A SOAR solution optimised using contextual network and threat intelligence data should not only reduce threat response time and limit the number of alerts to review and the noise from your firewalls, it should also collect and manage curated threat intelligence data from internal and external sources and distribute this to your existing security systems.”
Wolson says that in his opinion, an effective cloud security solution must also be able to leverage the greater processing capabilities of the cloud to detect a wider range of threats, while enforcing rules to protect your data centre, remote offices or even roaming devices.
The right combination of automation and analytics will empower security analysts with automated threat investigation and insights into related threats, and will enable quick, accurate decisions to be taken on threats. This will also help to reduce the human analytical capital required.
“In this day and age, cyber crime is rampant and vast quantities of ransomware, spyware and adware may find their way over links opened by Internet users. Therefore, every organisation that is digitally transforming or already in the cloud needs a security solution that can help block users from redirects that take them to bad sites, that keeps machines from becoming infected, and, ultimately, keeps all your users safer and more productive,” concludes Wolson.