One of the biggest emerging challenges for organisations looking to bring their cyber security systems into line with today’s fast moving and sophisticated threat landscape, is the fact they have so many different tools and technologies, all speaking different languages.
As many a CISOs and CIOs would attest, it’s akin to having say, your endpoint tools speaking French, SD-WAN speaking Hindi, Cloud Access Service Broker (CASB) nattering away in Greek, with SaaS applications only speaking Japanese.
Unrealistic expectations
So with technology leaders facing unprecedented pressure – and accountability – for delivering robust cyber security frameworks, is it reasonable to expect them to understand 10 or more languages? Furthermore, to expect that they should be able to translate every language into ‘English’ and then identify anomalies in real-time? And also as each ‘language’ morphs and evolves with its own ‘idioms’ and ‘slang’.
The processes needed to ‘translate’ these different tools is leading to debilitating inefficiencies and poor performance, ultimately defeating the purpose of deploying them in the first place.
In a world mixed with on premise and cloud-based systems and data repositories, coupled with the move to the edge and ever more fluid working arrangements, it’s simply not possible to have proper visibility and control over information security.
Visualise a major cyber security incident as a full grown elephant. While it might seem silly, it serves to illustrate the real world situation many organisations find themselves in if they’re managing too many disparate systems.
One tool might identify an elephants tusk as a ‘spear’, while another sees the trunk as a ‘snake’, with ears being reported by another source as ‘fans’.
Ultimately, neither CIOs, CISOs and their teams – let alone the c-suite and board – really understand the whole threat situation, and therefore what’s really going on.
Security as a platform
The obvious solution to all of this would be to have one single, interconnected, easy-to-manage and configure cyber security platform. But if that sounds easier said than done, you might be right.
Achieving true ‘security-as-a-platform’ means you should be able to tick these six boxes:
- Connect – provide secure and seamless connectivity from anywhere
- Protect – implement Zero Trust security to protect apps, users & data
- Visibility – gain complete visibility across the IT estate
- Control – stop bad things coming in and good things (our data) leaving
- Detect - the capability to sift through the noise and detect anomalies
- Respond - the experience and skills to address real threats
Together these points describe an environment whereby tech leaders are able to combine complete visibility and control with the ability to grant as much freedom as possible, while at the same time having the capability to react and respond in the unfortunate event of a critical breach.
This is further supported by these following three core pillars.
- Security Operations Centre (SOC)
- Extended Detection and Response (XDR)
- Secure Access Service Edge (SASE)
The third pillar above, SASE, is as any serious technology professional knows, emerging as the dominant framework for true business data management and security, reflecting today’s more complex, diverse and vulnerable digital landscape.
Whether staff are working connected to on-premise systems, using apps in the cloud, and / or working from a location at the ‘edge’, such as branch offices, or from home, SASE is arguably the most important pillar supporting true ‘security-as-a platform’.
And for CIOs, CISOs and others responsible for cyber security, it means they have the right frameworks and tools they need to monitor, manage and secure the most complex digital environments.
If you would like to discuss your security requirements Click here to get in touch with one our team.
Ask the Author