IT security

Forget what you think you know about IT Security. It is probably wrong

Posted on 01/07/2019 by vmwarebelgium
DISCLAIMER: this article is older than one year and may not be up to date with recent events or newly available information.

We’re spending more than ever before on IT security. Yet at the same time, we see continually more cyber threats. And it’s a matter of when – not if – your organization is penetrated. So, what to do and how does that work?

Pat Gelsinger, VMware CEO, described the situation above as ‘fundamentally wrong’. « While more of our lives are coming online, and our digital footprint grows, security lags behind. The potential attack surface area grows. But the traditional approach remains the firewall – a barrier at the edge of the organization, deflecting threats from the perimeter. Unfortunately, in today’s multi-cloud, multi-service world, there ain’t no edge. »

Three steps to change security

At a time when criminals using machine learning to automate weakness identification, being able to secure our complex operations is becoming harder than ever. It’s a challenge that we need to overcome. We must change three things:

1. Shift in mindset

Firstly, mindsets need to shift from a reactive to a preventative mindset. The biggest threat to security is the hyper-focus on security threats. That’s reactive – trying to counter what’s out there. Currently, according to VMware analysis, organizations spend 80% of their budget on reactive measures. That isn’t changing any time soon – 72% of VC funding is going on reactive security start-ups.

But it needs to change: we need to turn the triangle upside down. If organizations invest in prevention, then they nullify a lot of the easy access points that hostile parties look for.

2. Focus on applications

Secondly, it’s time to focus on applications. Not on hardware. Applications are the reason there is no edge these days – they exist out of  a complex mix of services and systems, with parts in different environments. Why would a cyber threat target a secure data center if it can find a back door in the web end of an application?

3. Make security intrinsic

Finally, it’s time to make security intrinsic – to build it in. Too often, it’s an afterthought: ‘We’ve built this, now we better secure it’. Anything additional becomes separate and can quickly become out of sync with what it’s supposed to be defending. It’s something else that needs you need to consider. Because ‘complexity is the enemy of security’.

There’s the example of a major bank that has a handful of vendors providing network, storage and servers, yet over 250 providing security services. How does the organization keep all that updated and properly integrated? All it takes is one out of line system and it’s an easy way in.

The future is software-defined security

Yet build something in and you can’t turn it off without turning off the entire application. It gets updated at the same time, it is hardwired in to the systems and services that make up the application. Gelsinger calls this the ‘firewall for the cloud era’, or the Service Defined Firewall.

Gelsinger summarizesthe way forward: « To deliver a secure future, there needs to be a software-defined, agile, machine-learning infrastructure with security intrinsic to its build. »


Category: News

Tags: , , , ,

Related Articles

Posted on 13/12/2019 by vmwarebelgium

Hybrid cloud: can it keep all the cloud’s promises?

What are your New Year’s resolutions? With 2020 coming up, people promise they will stop smoking, be more active, finally start with that hobby. In business, more and more people are looking at – or using – the cloud. They are now seeing real benefits of the cloud. However, there is no single trajectory. So, […]

Posted on 25/10/2017 by blogsadmin

Join us at vInnovation Online 2017

Tech innovations are reshaping entire industries. There’s a need for a speed, for security, and above all, an imperative to stay ahead of the competition and up-to-date with the latest visionary thinking. While your rivals continue to seek new opportunities and innovative solutions across the board, can you really afford not to? It’s time to […]

Posted on 03/01/2019 by vmwarebelgium

Why you should care about logical separation and how you can do it in software?

Security has always been a must have, in fact a necessity for business and indeed civilisation itself. No fortified castle, no community.  No alarm, no jewels, no perimeter security, certain data breach. You get the point.  Guest blog by Joe Baguley, VP & CTO EMEA, VMware Security has been solved for much of the physical […]

Comments

No comments yet

Add a comment

Your email address will not be published.

This site uses cookies to improve the user experience. By using this site you agree to the privacy policy