Andy Milne, RVP, UK, Forescout, explains how cyber security teams can rise above device complexity by implementing orchestration platforms to simplify management and security of their entire digital terrain.
According to recent data from KPMG and Oracle, 78 per cent of enterprise and government organisations employ over 50 security tools to protect their networks today. Each of these solutions plays a critical role in either detecting, preventing, or remediating security threats and, whilst this approach protects against the wide variety of attacks we see today, it also creates complexity and significantly burdens already over-stretched and under-resourced security teams who have to manage them effectively.
Businesses across all industries are experiencing a constantly fluctuating environment, with a proliferation of familiar and unfamiliar devices joining the networks every day. Network and security teams have been used to device volumes exploding in their traditional IT estates, but they are now challenged with new device types, operating systems and configurations joining their networks across mobile, Internet of Things (IoT), Operational Technology (OT), cloud and Internet of Medical Things (IoMT). As each new device is added, the attack surface grows, and potentially exploitable doors open for cybercriminals.
This means every device must be considered a potential threat vector. As a result, security teams require accurate and real-time visibility across all network and device assets, so they can spot security, compliance, and configuration risks instantly. This helps them remediate devices automatically to minimise their organisation’s vulnerability to cyber-attack.
Solutions that create problems
To tackle this challenge of protecting an ever-changing attack surface against an ever-changing threat landscape, organisations have deployed a wide variety of security solutions to counter every eventuality; but whilst this approach provides defence-in-depth protection, it also creates unmanageable complexity.
Each security product has its own proprietary management console for creating and managing security policies, and each has its own control functionality so that policies can be enforced across the network. This siloed approach to policy management and control creates complexity: individual compliance (Zero Trust) policies must be configured across disparate tools, yet work together harmoniously, and they require regular maintenance to keep them in concert. Managing this complexity requires hard-to-find skills and resources, is time consuming, and often results in governance gaps, which expose the network to risks.
Organisations need a new approach to tackle this challenge, where they can simplify their security architecture and centralise Zero Trust policy and control in one place, to remove those governance gaps, and reduce the burden on their valuable security teams.
One system to rule them all
A practical and effective solution is to introduce a software-defined governance layer between the network and the endpoint devices. This network and device agnostic governance layer will enable real-time visibility and monitoring of the security and compliance state of all infrastructure components. It will also enable security teams to respond in real-time to risks as they appear on the network. This type of governance platform should be easy to implement, work in any environment, and augment existing security investments by enriching them with real-time device intelligence and orchestrating their control functionality to automate cyber security management.
Providing a 360° view of an organisation’s network and security architecture across all site locations, including campus and branch, data centres, cloud, and industrial sites, with the ability to centralise Zero Trust policy enforcement and automate remediation tasks, will reduce complexity, reduce burden on security teams, and improve performance in Security Operations Centre (SOC) and IT Service Management (ITSM) teams.
The cyber security challenges organisations are facing today can no longer be solved entirely through deployment of more and more products. Instead, the focus needs to be on improving efficiency, enabling interoperability, automating workloads, and cutting down manual overheads, because companies cannot grow teams at the rate required to counter the evolving threat landscape of today.
To reduce risks and improve efficiency, it is time to rise above the complexity of device security. Security teams need to implement new security orchestration tools that alleviate their workloads and enable them to manage and maintain the security of their entire digital terrain from a single interface.