Identity as a new perimeter and a shift towards novel security approaches.


The security landscape has been steadily changing due to the proliferation of cloud computing and online services, coupled with an increasingly mobile workforce. The traditional perimeter and segmentation-based approaches alone no longer match the needs of this new security landscape. With static, well-defined perimeters eroding, organizations need to implement dynamic security approaches that are flexible and continuous in nature. Identity is quickly becoming a new perimeter, and frameworks and architectures such as Zero Trust and Secure Access Service Edge (SASE) are redefining how cybersecurity is tackled.

But novel approaches don’t change the fundamentals. That's why I advocate for a time-tested defense-in-depth strategy that combines multiple, different methods of protection, both traditional and new, and infuses them with cutting-edge Machine Learning (ML) and Artificial Intelligence (AI) technologies that add a behavioral dimension and automation to further enhance the practices around core cybersecurity functions (using NIST nomenclature: identify, protect, detect, respond, and recover).

IMHO, a defense-in-depth strategy doesn’t mean an assortment of technologies (often random) referred to as “best of breed”. Individual components are important, but they are less important than how those components work together. Approaches that rely on tight integration and hyper automation should be preferred; integrated, purpose-built, cloud-native platforms hold the most promise (e.g. SASE).

Organizations are locked in a race with bad actors (a general term for entities such as individuals, criminal enterprises, nation states, etc.) trying to exploit the weaknesses in their systems, while being constrained by budgets and the availability of skilled resources. That’s why Governance, Risk Management, and Compliance (GRC) activities are essential for understanding which high-value resources need protecting, what regulations need to be adhered to, and how much risk an organization is willing to accept.

When contemplating architecture, a good starting point is what you already own. Incorporating solutions’ native features and controls to the maximum degree possible will help drive down costs while improving integration and automation capabilities.

Finally, having a trusted advisor at your side armed with platform knowledge and lessons learned will save a lot of time and effort.

Whatever you choose to do, please be Cyber Safe, not Cyber Sorry!

We are an industry of cryptic names and acronyms 😀, so I try to spell things out, give them definitions, and illustrate whenever I can.
 
Definitions:
  • User and Entity Behavior Analytics (UEBA) is a type of cyber security process that takes note of the normal conduct of users and entities, then detects any anomalous behavior or instances when there are deviations from these “normal” patterns.
  • Continuous Authentication is a form of dynamic, risk-based authentication that relies on continuous measurements such as location, behavior, and biometrics to change the perspective of authentication from an event to a process.
  • Security Orchestration, Automation and Response (SOAR) is a solution stack of compatible software programs that allow an organization to collect data about security threats from multiple sources and respond to low-level security events without human assistance.
  • Unified Endpoint Management (UEM) is an approach to securing and controlling desktop computers, laptops, smartphones and tablets in a connected, cohesive manner from a single console.
  • Endpoint Detection and Response (EDR) is an integrated endpoint security solution that combines real-time continuous monitoring and collection of endpoint data with rules-based automated response and analysis capabilities.
  • Threat Intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications, and action-oriented advice about an existing or emerging menace or hazard to assets.
  • Threat Hunting is the pursuit of abnormal activity that may be a sign of compromise, intrusion, or exfiltration of data.
  • Incident Response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack.
  • Security Information and Event Management (SIEM) collects and aggregates log data generated throughout the organization's infrastructure, from host systems and applications to network and security devices; then identifies and categorizes incidents and events, as well as analyzes them.
  • Zero Trust is an information security framework which states that organizations should not trust any entity inside or outside of their perimeter at any time. All users, services, endpoints, and data flows need to be attested to, authenticated, and authorized.
  • Secure Access Service Edge (SASE) is an architecture that converges network and security services into a cloud-based platform, centering on identity of users, devices, and applications.

Zero Trust:

Secure Access Service Edge (SASE):

Comments

  1. I would like to thank you for sharing this article here. Probing for data cloud storage services Arista Networks Charlotte is the place where you get it. Thank you so much.
