Everything you think you know about IT Security is probably wrong

Posted on 06/06/2019

We’ve all seen the stats, heard the statements and know the consequences – cyber threats are continually on the increase, and it’s a matter of when, not if, your organisation is penetrated.

Yet at the same time, we’re spending more than ever before on security. How does that work?

It’s a situation Pat Gelsinger, VMware CEO, described as ‘fundamentally wrong’ in his He pointed out that while more of our lives are coming online, and our digital footprint (and potential attack surface area) grows, security lags behind.

The traditional approach is the firewall – a barrier at the edge of the organisation, deflecting threats from the perimeter. Unfortunately, as Gelsinger said, ‘in today’s multi-cloud, multi-service world, there ain’t no edge’.

At a time when criminals using machine learning to automate weakness identification was highlighted as a major trend in another at the event, being able to secure our complex operations is becoming harder than ever.

Three steps to change security

It’s a challenge that has to be overcome. The consequences of failing to do so don’t bear thinking about.

To do that, Gelsinger outlined three things that need changing:

Firstly, mindsets need to shift from a reactive to a preventative mindset. As the keynote covers, the biggest threat to security is the hyper-focus on security threats. That’s reactive – trying to counter what’s out there.

Currently, according to VMware analysis, 80% of budget is spent on reactive measures. That isn’t changing any time soon – 72% of VC funding is going on reactive security start-ups.

That needs to change – the triangle needs to be turned upside down. If organisations invest in prevention, then they nullify a lot of the easy access points that hostile parties look for.

Secondly, it’s time to focus on applications, not hardware. Applications are the reason there is no edge these days – they are made up of a complex mix of services and systems, with parts in different environments. Why would a cyber threat target a secure data center if it can find a back door in the web end of an application?

Finally, it’s time to make security intrinsic – to build it in. Too often, it’s an afterthought – ‘we’ve built this, we better secure it’. Anything additional becomes separate and can quickly become out of sync with what it’s supposed to be defending. It’s something else that needs to be considered. Shannon Lietz, director of DevSecOps at Intuit joined Gelsinger on stage to provide a practitioner perspective. One of the points she made was that ‘complexity is the enemy of security’.

There’s the example of a major bank that has a handful of vendors providing network, storage and servers, yet over 250 providing security services. How does the organisation keep all that updated and properly integrated? All it takes is one out of line system and it’s an easy way in.

Yet build something in and it can’t be turned off without turning off the entire application. It gets updated at the same time, it is hardwired in to the systems and services that make up the application.

Gelsinger called this the ‘firewall for the cloud era’, or the Service Defined Firewall.

The future is software-defined security

The keynote ended by Gelsinger summarising the way forward – to deliver a secure future, there needs to be a software-defined, agile, machine-learning infrastructure with security intrinsic to its build.

Interested to know what our other top highlights of RSA Conference 2019 were? Take a look at on Radius and be sure to watch Pat and Shannon’s discussion in this  .


Category: News

Tags: , , , , , , ,

Related Articles

Posted on 27/03/2019 by vmwareemeasmt

Five reasons why the cloud can help CIOs close the ‘innovation-execution’ gap. Richard Munro, Director, Global Cloud Strategy, VMware

Innovation is king. In the face of rising expectations and disruptive digital competitors, enterprises are desperate to innovate to safeguard their businesses and unlock future growth. Yet how often do we see many struggle to be able to execute? Look at Xerox, Kodak, Nokia. All big names that struggled to adapt to the changing demands […]

5 minute read
Posted on 22/01/2019 by vmwareemeasmt

Scalable cloud monitoring generates the granular insight to empower developers in the smart home sector

Ten years ago, the most common form of engagement we had with utilities companies was either the monthly bill or calling to report a fault. Neither promised to be particularly pleasant. With the advent of smart home apps, and the remote control of thermostats, lights and security cameras, that engagement has been transformed. And there […]

2 minute read
Posted on 13/08/2019 by vmwareemeasmt

VMware Cloud on AWS: Get your basics right Part 3: Extend on-premises infrastructure to the cloud

By Sonali Desai, Product Marketing Manager Data center extension enables VMware Cloud on AWS users to extend on-premises infrastructure to the cloud to meet fluctuating capacity requirements. Learn about common challenges and how to overcome them in the final instalment of our three-part series. In the first blog of this series, we introduced VMware Cloud on AWS […]

9 minute read

Comments

No comments yet

Add a comment

Your email address will not be published.

*

This site uses cookies to improve the user experience. By using this site you agree to the privacy policy