Introducing Intrinsic Cybersecurity
One of the most significant obstacles when it comes to having an effective cybersecurity strategy is that traditional approaches are too reliant on endpoint solutions. By focusing on trying to safeguard the business at the perimeter, companies will always be reacting to attacks. But there is another way – one that looks at security as ‘intrinsic to the organisational infrastructure’.
“With the worldwide market size for software-defined networking (SDN) expected to grow to almost $14 billion by the end of 2021 from the less than $8 billion of 2018, there are signs that businesses are starting to think differently about how they manage their physical networks. A natural part of this is its security with the realisation that what worked before is no longer adequate for a digital environment,” says Chantal Voges, VMware Business Development Manager at Comstor.
Many companies typically implement security measures as add-ons after the network has been put in place, and applications have been installed. But such a ‘security later’ mindset will only result in more security features having to be implemented as the company grows. And as these accumulate, it becomes more challenging to ensure that all the possible entry points into the network remain protected. This is especially the case with the rise of edge computing and Internet of Things devices gathering and submitting information from a plethora of data points.
“Security, like so many IT processes, has been compartmentalised at businesses. All aspects of defence are pigeonholed in their own pockets. For example, the firewall has a specific responsibility as does anti-virus, desktop services, and so on. But very few organisations have a unified view of how effectively their environment is protected and where gaps exist.”
This leads to another problem around how cybersecurity is done today – companies cannot manage what they do not understand. By not being fully aware of their entire IT ecosystem, how can organisations hope to effectively keep data safe? This encompasses everything from the network and data to the applications and supporting infrastructure being used.
“Ultimately, cybersecurity must be aligned to the applications, data, and infrastructure of the business. It must be intrinsic to everything the organisation does. This has become even more imperative in a cloud-driven world where multiple environments are used for different things. An intrinsic approach ensures that whether it is the cloud, the network, applications, or even the workplace, everything align to an integrated whole,” adds Voges.
A New Way
By virtualising cybersecurity in this way, companies can gain a deeper understanding of not only their applications, data, and network environment, but also on all its cybersecurity elements. So, instead of having security as an add-on, it is integrated into all aspects of the business.
“This will not only result in fewer security solutions but will also see companies becoming more pro-active in how threats are managed. By detecting anomalies using automated actions that are built-in to the environment, decision-makers can remain more focused on delivering on their strategic mandate. Ironically enough, having security intrinsic to everything the company does, reduces the attack surface as most elements of the company will have built-in protection,” says Voges.
In this environment, it is all about simplifying security and leveraging existing infrastructure to inject an intrinsic component to cyber defence. Removing the legacy model and the need to continually be reactive will unlock a more robust cybersecurity environment, perfectly positioned for the needs of a connected, digital landscape.