By Jonathan Nguyen-Duy, Vice President, Global Field CISO at Fortinet
Anyone paying attention to the speed at which networks have been evolving must also understand the impact these changes have had on cybersecurity. Gone are the days when you could just place a firewall at the edge of your network and call it good. Today, security needs to be everywhere, at every edge, following every user, and tracking and securing every application and workflow end-to-end—especially as they move across and between different network environments.
The challenge for CISOs is that few security solutions are up to the task. Even those that claim to be “network-aware” do not provide the depth of integration or broad deployability that organisations require. In addition, every bit of the network, even those segments in a constant state of change, that is not covered by a centrally managed and deeply integrated policy represents a blind spot in your protection—and an opportunity for cybercriminals to worm their way into your network. Building an effective security strategy for today’s digital organisations requires three key components.
Network and Security Convergence
Converging security and the network is more than just a marketing catchphrase. A Security-driven Networking strategy places security front and center in every network decision, ensuring that nothing in the network ever changes—not even optimising a connection—without appropriate protections in place. But that’s just the start. True convergence also means that security and the network teams work together to address critical issues they couldn’t solve independently. Automatically segmenting and monitoring IoT devices, maintaining zero trust policies for accessing the network or applications, or consistently enforcing policies for applications and workflows that flow across and between multiple clouds and physical network environments require the network and security to work together as a unified solution. Such an approach is the heart and soul of any scalable work-from-anywhere strategy that is serious about extending enterprise-grade protection to home offices and mobile users and devices.
No discussion about convergence would be complete without addressing the issue of consolidation. Every organisation understands the challenges of—and limitations imposed by—having too many disparate point security products. Today’s cyber criminals have become experts at locating and exploiting security gaps that arise when IT teams cannot quickly and easily correlate threat intelligence to detect malicious activity or, worse, fail to launch a timely, coordinated response simply because there are too many consoles to monitor.
Consolidating security solutions using a platform-based strategy expands visibility and enables true automation that can span the network. It allows AI-powered technologies and services to span the network rather than be limited to a tiny subset of solutions. A platform built around a common OS helps eliminate conflicts and user error when configuring and orchestrating diverse solutions—especially those deployed at different edges of the network. But not any platform-based solution can do this. An effective platform not only needs to be deployed natively in any environment but also seamlessly translate policies between those ecosystems. This is the only way to ensure consistent enforcement and monitor and secure applications, transactions, and workflows that cross between different environments.
Of course, best-of-breed enthusiasts balk at consolidated platforms. They argue that such an approach often saddles them with sub-par products that can diminish the effectiveness of their security. In some cases, that may be true. However, best-of-breed, point products don’t necessarily mean the best solutions. Multi-vendor, best-of-breed strategies require staffing, investments and resources to effectively integrate and managed multiple products—the very same limitations that stymie efforts to close gaps in visibility and control. The practical result is vendor lock-in due to lack of skilled staff and increased complexity as teams struggle to integrate multiple products from different vendors. Therefore, any platform candidate must be built using open APIs and common standards so that third-party solutions can be easily integrated, giving IT teams the best of both worlds. Also look for vendors with large, open and mature devops communities that reduce the challenges of third-party technology integration.
Today’s enterprises are increasingly software-defined, using highly responsive computing to deliver better business outcomes and user experiences. Serving our customers, partners and employees requires consistent security and network performance on any device, for any user, from any location.
An effective security platform needs to do its job without bottlenecking traffic or bogging things down. However, that is precisely what many security solutions do when it comes to table-stakes functions like inspecting encrypted traffic. According to Google, over 95% of internet traffic is encrypted. Yet most firewall performance drops precipitously when tasked with inspecting that traffic. It’s because they were built with off-the-shelf CPUs that were never designed to support such processor-intensive tasks. Like the graphics processors that allow users to stream video conferencing in real-time, security tools need specialised hardware that can offload critical security functions, so organisations never have to choose between security and performance.
Digital Acceleration Must Be Secure to Avoid Deceleration
It’s a new world, and businesses that learn how to securely operate in this new environment have no limits on what’s possible. However, that can only happen if they take the same digital acceleration principles they are using for their network and apply them to security. So consider starting with security solutions designed to support the way you operate the rest of your business.