Employing effective security in enterprises
In a previous role, Levi was the VP of product, cloud security, overseeing product development, business development, and strategy for all cloud security products. Before that, he led networking and security product management for Cisco’s Meraki business where he helped define and build Meraki’s cloud-managed technology portfolio to meet the rapidly evolving demands of digital businesses. Levi’s earlier career roles include executive positions in product management as well as engineering management.
The evolution of the cyber security space has gone through several stages, starting with early attacks by curious enthusiasts using simple techniques and tools. In response to these attacks, vendors developed point solutions to address specific security threats. As the internet and computer networks became more widespread and sophisticated, the number and complexity of attack vectors increased, and the focus shifted from individual point solutions to more comprehensive security suites.
As the threat landscape continued to evolve, nation-states and organized crime groups began to play a more significant role in cyber-attacks, using increasingly advanced techniques and tools to target individuals, businesses, and government organizations. To defend against these threats, enterprise customers have to deal with dozens of vendors, each offering a different solution to a specific security problem. This leads to a situation where businesses need to manage an array of point solutions, which could become difficult to integrate and manage effectively.
In the current era of public clouds, the attack surface has expanded even further, as businesses increasingly rely on cloud services to store and process data. The complexity of these systems, combined with the challenges of managing security across multiple cloud environments, has made it difficult for businesses to keep up with the evolving threat landscape.
The result is that security incidents occur, not because of zero-day attacks or sophisticated techniques, but rather due to the complexity of the systems and the inability of humans to effectively manage everything. This has led many experts to conclude that the current path of the cybersecurity industry is no longer sustainable and that something needs to change in order to address the increasing challenges and threats facing businesses today.
Raviv: Cloud security has become one of the biggest challenges businesses are facing today, primarily due to the rapid growth and adoption of public clouds. According to a recent survey, over 90% of new applications developed are made for public clouds and adoption will increase in the coming years as traditional data centres (‘private clouds’) move to a public cloud environment. However, many businesses have rushed to embrace the benefits of the cloud, such as increased agility and reduced costs, without fully considering the security implications. As a result, they have ended up with cloud environments that are vulnerable to attacks and data breaches.
Some common challenges in cloud security include:
- Managing the shared responsibility model: One of the unique properties of the cloud is the shared responsibility model, which means that while the cloud provider is responsible for securing the infrastructure, the customer is responsible for securing their own data and applications. This can be challenging for businesses, as they may not have the necessary expertise or resources to properly secure their applications and data in the cloud.
- Dealing with multiple security vendors: Security teams are often overwhelmed by the number of security vendors they have to deal with and struggle to manage them all effectively. According to one survey, the average enterprise uses 50 different security vendors, and this number is expected to continue to grow in the coming years. This can lead to a situation where businesses are trying to manage an array of point solutions, which can be difficult to integrate and manage effectively.
- Managing complexity: Cloud environments can be complex, with multiple clouds, regions, accounts, and applications to manage. This complexity can make it even more difficult for security teams to get a clear overview of the security posture of their organization. In addition, the constantly evolving threat landscape and expanding attack surface can make it difficult to stay ahead of or even effectively prioritize threats and vulnerabilities.
- Balancing security and developer needs (shift left): Due to the nature of cloud-native development (CI/CD – Continuous Integration / Continuous Delivery), it is no longer feasible to consider security “when the application is done”. Key aspects of security have to move out of the security team and into the development team, which creates a unique challenge. Developers want products that are easy to use, flexible, and efficient, while security teams need products that are secure, compliant, and integrate well. Striking the right balance between these competing demands can be difficult, especially in an environment where the threat landscape is constantly evolving, and the attack surface is constantly expanding. Moreover, in order to win developers’ hearts and minds, products need to consistently deliver value that’s beyond “you’re secured”.
However, this trend has the potential to improve security by integrating security controls into the development process, although it can also create new challenges as development teams may not have the necessary security expertise or resources to effectively implement and maintain these controls.
Raviv: It is likely that passwords will eventually be phased out as a primary means of authentication, but it is unlikely to happen in the near future. One of the main challenges with passwords is that they can be complex and difficult to remember (especially if they need to be replaced regularly), which leads to users adopting insecure practices such as reusing passwords for multiple accounts or writing them down. All of these factors weaken the security that a user gets from the system they use, as complexity is the number one enemy of security. While there are many alternatives to passwords that have been proposed, such as biometric authentication, one-time passwords, and token-based authentication, these methods have their own challenges and limitations.
Overall, it is important for businesses to adopt a risk-based approach to authentication and consider a range of different methods, rather than relying solely on passwords (continuous risk assessment, multi-factor authentication, and identity threat detection and response should always be considered in my opinion). This will help ensure that businesses have a secure and effective means of authenticating users and protecting their systems and data.
Raviv: To protect against sophisticated cyberattacks, enterprises should employ a multi-faceted approach that involves reducing complexity, employing a zero-trust model, leveraging a security platform, and adopting a risk-based approach.
First and foremost, it is important to reduce complexity wherever possible. This means streamlining processes, consolidating systems and tools, and simplifying the environment as much as possible. Complex environments are more difficult to secure and maintain, and they provide more opportunities for attackers to exploit. Next, enterprises should adopt a zero-trust model, which makes sure that the permissions are right-sized for user identities and their roles, ideally with continuous monitoring that extends beyond the initial authentication. This approach helps to reduce the attack surface and minimize the risk of unauthorized access.
Leveraging a security platform can also be an effective way to protect against cyberattacks. A security platform consolidates multiple security tools and services into a single, integrated solution, which can help in simplifying the environment and improving security posture. Moreover, as many attacks span across different elements of the system, it is highly important to have a comprehensive view and the ability to take action across the system (for instance, through consistent or unified policies). Finally, adopting a risk-based approach can help enterprises to prioritize their security efforts and focus on the areas that are most critical to the organization.
It is unfortunately a fact that there will always be vulnerabilities and trade-offs between security and other elements of the business. Evaluating the risks associated with different assets and prioritizing the protection of those assets accordingly would allow the business leadership team to better manage (and understand) security risks.
It is also important to note that in today’s day and age, security is everyone’s responsibility, not just the security team. To be effective, the organization’s security efforts need to be aligned across all departments and functions. This requires strong leadership, clear communication, and ongoing training and awareness efforts to ensure that all employees understand the importance of security and their role in protecting the business and the organization.
Raviv: Standardization, regulations, and compliance can play an important role in ensuring the privacy and security of users, especially in today’s digital landscape where large enterprises and nation-states may not always have the best interests of users in mind.
Privacy is a particularly important aspect of standardization, regulations, and compliance. As more and more personal data is being collected and stored online, it is essential that there are clear rules and guidelines in place to protect the privacy of users. This includes requiring companies to obtain consent before collecting and using personal data, as well as ensuring that personal data is stored and transmitted securely.
Standardization, regulations, and compliance can also help to level the playing field and protect users against large enterprises and nation-states that may have more resources and influence. By setting clear rules and guidelines, these standards can help to ensure that all organizations, regardless of size, are held to the same standards of privacy and security.
On the bright side, the transition that we are seeing on the internet from a “global village” to many different villages with different rules and regulations can create opportunities for a new breed of start-ups and companies that can help businesses streamline their compliance and standardization programs, as well as present their results transparently to users. This could lead to a safer digital space for us to live and do business in. However, we are not quite there yet, and navigating the different rules and regulations that apply in different regions can still be a challenge for users and organizations alike.
Raviv: There are several major trends that are shaping the future of enterprise security.
- One trend is the massive increase in security incidents, attack vectors, and ransomware. Sure, there has been a steady incline for a decade, but the number of attacks we’re seeing these days crosses a threshold where it is clear that every organization will get attacked and/or breached and that properly integrated security, as well as a security plan and paradigm, is no longer optional for organizations.
- Another trend is the increasing importance of cloud-native security and the role of public clouds in enterprise security. As more and more companies move to the cloud, the need for security solutions that are specifically designed for cloud environments is becoming more pressing. This includes solutions that can protect against threats such as data leakage, account takeover, and service disruption. Shift left ties nicely into this one since it is no longer enough to “secure the cloud” given the CI/CD and other properties, and security has to be employed as part of the development process.
- A third trend is a growing recognition that security is a key component that needs to be integrated across the organization and beyond the security teams (shifting security left in application development is one example). This includes not only IT and security departments, but also business units, legal, HR, and other departments that have a role to play in protecting the organization against threats.
- A fourth trend is the growing market demand for security from companies and the increasing liability of C-level executives in the event of security incidents. Companies are increasingly recognizing the importance of security and are looking for solutions that can help them protect their assets and data. At the same time, C-level executives are being held more accountable for security incidents, as investors and customers demand greater transparency and accountability.
- Finally, the complexity of the security landscape is leading to a trend toward open platform approaches from leading vendors. In order to effectively protect against threats, enterprises need solutions that can integrate with a wide range of technologies and systems. Leading vendors are responding by offering open platform approaches that allow customers to build custom security solutions that can be tailored to their specific needs and requirements.