By Zach Malone, security engineer, FireMon
Cybersecurity in 2018 can be best described in one word: complex. Yes, complexity has infiltrated every phase of the cybersecurity landscape this year, from bloated and expensive IT infrastructures to sophisticated cyber-attack methods to complicated compliance mandates. The aftermath of the complexity epidemic has caused countless data breaches, exacerbated the cybersecurity skills shortage, and left organizations of all sizes struggling with ineffective security programs.
It’s time we right the ship that has been taking on water for years. And I believe 2019 will be the year that cloud providers, security vendors, and organizations will all make great strides toward simplifying, yet strengthening, security. Here are three predictions detailing how this will unfold in the New Year:
- Cloud providers will adopt a “security by default” approach to reduce user error.
In 2018, cloud providers provided tools to secure their infrastructure, and vendors provided tools to secure their products. But there were two problems: 1) lack of an instruction manual and 2) access defaults set to “wide open.” As a result, as more and more organizations moved data, services, and workflows to the cloud, configuration errors (which is a polite way of saying “human error” or “lack of knowledge”) emerged as the leading cause of cloud breaches.
Configuration errors typically happen in one of two ways: 1) misconfigured cloud-native security controls due to the data owner’s lack of knowledge about how to use them properly, and 2) misconfigured internal enterprise security controls, which is common when the product and DevOps teams prioritize time-to-market over security. (And this gets us back to the two sets of tools with no instruction manual!)
Cloud providers are starting to take steps toward providing users with a deeper understanding of their offerings and related security controls. And, in 2019, we’ll also see them implement a “security by default” approach, in which they take the security controls already built into their platforms and ensure they are “on by default.” Simplifying security in this way should reduce human error, along with associated vulnerabilities and gaps in security defenses.
- Organizations will revert to security basics.
In a threat landscape dominated by sophisticated cyber-criminals, advanced malware, and an ever-expanding attack surface, many companies have become so overwhelmed with cybersecurity that they are dazed into inaction. Other organizations knowingly opt to risk a data breach or compliance fine rather than put proper security defenses in place, because of the associated complexity and costs. And in other cases, companies have security programs in place, but the complexity of their infrastructure creates vulnerabilities and security gaps that actually introduce risk, rather than mitigate it.
The key to overcoming any of these situations is to start simple, and, in 2019, we’ll see organizations prioritize policies and processes that focus on the tried and true basics, such as “AAA”: Authentication, think User Directory and Multi-Factor Authentication; Authorization, which handles the permissions a user should have once authenticated; and Accounting, which watches and verifies the integrity of the user’s account from internal and external changes.
- Companies will favor all-in-one security devices over standalone point products.
Most organizations have overbought security technology, resulting in a cacophony of tools that are ineffective or redundant. Realizing this isn’t the best approach for security or the business, in 2019, we’ll see organizations move to simplify their security infrastructures by replacing endless point solutions with the optimal mix of multi-function security tools and services.
From a vendor perspective, this means that point solutions will continue to evolve into multi-purpose devices. Firewalls are a great example of this progression. The traditional firewall was designed with a singular focus: to protect a company’s assets from the outside world. However, thanks to cloud computing, virtualized application deployments, containerization of applications and other new technologies made possible by digital transformation, a concrete corporate perimeter no longer exists, and firewalls have had to adjust, both in purpose and technology.
Today’s next-gen firewalls are now responsible for providing organizations with visibility into and control over hybrid environments, automating change and policy management, and ensuring continuous compliance, among a host of other responsibilities. Contrary to what many may think, firewalls are not dead – but they have changed.
Less is more
Cyber-crime attacks are getting more frequent and more effective. To gain the upper hand over malicious actors, we must replace security complexity with a simplified, streamlined approach to infrastructure and operations. Only then can we make cybersecurity programs simpler, stronger and more effective at reducing risk.
About the Author
With more than a decade of experience, Zach Malone is a seasoned security engineer specializing in cybersecurity, compliance, networking, firewalls, IoT, IPSec, system deployment and orchestration. At FireMon, Malone delivers technical demonstrations and proof-of-concept evaluations to move prospective customers from service assessment to purchase. Prior to joining FireMon, Malone was a security engineer at Cadre Computer Resources Co., where he helped organizations of all sizes design, implement, support, and test security products and operations. Before that, he served as a Diamond/Escalation engineer at Check Point Software Technologies and a network administrator at Choate Professional Communications and Infrastructure. Malone attained the CISSP certification in April 2018.