The rapid expansion of the software attack surface has made cybersecurity mainstream technology. What first began as a method to provide point solutions and isolated regulatory compliance has evolved to address more sophisticated attack vectors and ever-changing complex regulatory compliances. A comprehensive cybersecurity program should embed security by design, be sustainable, cater to all compliance and gain customer and stakeholder confidence. Security has to be an invisible element of all digital programs to provide the assurance stakeholders want.
SECURITY ARCHITECTURE FOR LEGACY SYSTEMS
Growth Edge, Primitive Security
Legacy security controls are transformed with a secure access services edge framework
Software-defined wide-area network adoption is already at high speed with many of our customers. By replacing legacy multi-protocol, label-switching, widearea networks, the secure access services edge (SASE) framework transforms the security controls toward the edge.
Extended detection and response provides cross-layer security across the enterprise
XDR tools allow a security incident detection and response platform to consume the data from endpoints, network devices and security devices. This cross-layer security supports automated AI and ML actions that protect multiple vectors – from apps and data to end users – from security attacks.
Strengthened access governance brings greater transparency
The modernized needs of digital transformation require strengthened identity and access governance solutions to establish transparent access across onpremise, hybrid and cloud-hosted applications and infrastructure assets.
A zero-trust security model maintains identity as a core component
A zero-trust model establishes that the legacy approach that involves inherently trusting services, individuals or devices within the corporate network is flawed. Zero trust maintains that all users or devices, irrespective of their access location, be authenticated and authorized to access the requested applications or services.
Integrated data protection and classification tools enhance security at all touchpoints
Data loss prevention (DLP) tools protect data onpremises on endpoints (when in use), during transit (network) or at rest (on storage). DLP can be integrated with a CASB to ensure the same DLP policies are applied to cloud-hosted data. User entity behavior analysis (UEBA) capabilities in CASB can be used to provide role-based access control to applications or cloud-hosted data and detect suspicious user access activity.
Data encryption with key management becomes a best practice in cloud protection
Encrypting all sensitive data in the cloud helps prevent inadvertent access to other tenants or CSPs. However, key control needs to be with the organization. Key management-as-a-service (KMAAS) is a best practice wherein keys from vendors such as Thales can be used along with cloud-native encryption capabilities.
Greater focus is placed on supply chain security and vendor risk management
As organizations increasingly collaborate with partners and outsource work, the risk of compromise also increases in the supply chain. A single weak link can impact an organization’s security and reputation. Multiple high-profile third parties have experienced breaches, including consumer retailer Target, showing any business could be at risk.
Cyber metrics lead security governance enabling enterprise-wide stakeholder collaboration
As cyber threats increase and organizations deploy multiple security tools, chief information security officers (CISOs) struggle to understand the impact of their security posture and track the effectiveness of their initiatives. Transaction systems such as SIEMs provide only a snapshot of their current status and include excessive data for a strategic review.
Secure by design adoption embeds security early and ensures digital trust
Secure by design is the concept of identifying security requirements upfront and during the architecture definition and design phases, and then ensuring that security is verified during the build and test phases before go-live. Similarly, regulations for privacy such as GDPR mandate the concept of privacy by design, which ensures consent is captured and managed via data collection.
ERP on cloud adoption leads to a greater focus on business-critical ERP application security
ERP systems have been fundamental enablers and the epicenter of business. For decades, SAP and Oracle have been the largest ERP players. With enterprise assets and data collected, processed, analyzed and reported through ERP systems, they have been the target of frequent breaches. These threats have only increased with ERP applications moving to the cloud.
Orchestration, automation and response technology revolutionizes incident management
Incident management has traditionally been executed with defined standard operating procedures or playbooks. However, security analysts who were given these playbooks during an investigation provided inconsistent outcomes and delayed responses.
Cloud-specific protection programs provide advanced security monitoring
Traditionally, an organization’s data resided in its physical data center, where security controls were deployed and monitored. Now, as they move their data to reside in the cloud, its security is in question regarding who is accessing the data, how it is accessed and who is sharing the data. CASB solutions can help by shadowing data and IT.
Complete network visibility is enabled with tools that track operational technology
Main requirements from organizations included the visibility of IoT and OT assets, traffic and associated risk. The distributed nature of the assets made it difficult for enterprises to track and manage their critical infrastructure. The increasing attacks against their infrastructure necessitated the demand for monitoring operational and security events and implementing a proper incident management program.
Real-time security monitors detect vulnerabilities and violations in 5G
The evolution of 5G opens exciting doors for emerging technologies like IoT-based smart meters, connected cars and telehealth with lower latency, higher capacity, low energy, high throughput and increased bandwidth capabilities. But 5G infrastructure virtualization, network resource sharing, dynamic network topologies and slicing introduce novel security challenges like isolation flaws in 5G infrastructure virtualization.
Cloud security as code
A wide range of solutions for security are available from cloud service providers and cloud securityfocused providers that employ advanced technology. However, a dramatic change in implementation is needed if they want to empower developers to consume cloud services without compromising the implementation of security controls.
Context-aware and intelligent security technology emerges
Compliance and regulatory requirements are a big challenge in hybrid clouds. Today, these requirements are addressed through advanced and intelligent platforms from CSPs and specialized third-parties like Prisma Cloud that provide ready-to-use templates and policies for almost all known frameworks.
To keep yourself updated on the latest technology and industry trends subscribe to the Infosys Knowledge Institute’s publicationsCount me in!