Enhance cybersecurity capabilities
Businesses operate in a digital ecosystem that’s ever more connected, collaborative and complex. In this environment, they need to make sure they can understand and navigate new relationships in order to perform as effectively as possible, while managing their risk at an optimal level.
That means becoming a “self-sustaining enterprise.” What does this mean? Think about the business ecosystem as a neighborhood. A self-sustaining enterprise understands and responds to who’s moving in and out, what they’re doing and what threats they present.
The self-sustaining, intelligent enterprise will enhance existing cybersecurity capabilities through automation, machine learning, software-defined networking and new infrastructure approaches to maximize resilience and deliver agile response and recovery.
Cyber risks in a new business ecosystem
As the connectedness of physical and digital worlds increases, so does the attack surface. This creates new and heightened security risks. There are three key dimensions to this:
- Proliferation of insecure devices: Everything that can be connected will be. But efforts to embed security measures in connected devices are way behind, with little guidance and few standards. Device manufacturers have no real incentive to address this. Being the first to market and maximizing ease of use are their primary goals.
- Merging of personal and professional lives and data: Not only are people bringing their own devices into the workplace, the business itself is stretching traditional boundaries through a distributed, liquid workforce operating beyond the traditionally highly patrolled perimeter.
- Attackers “weaponizing” the internet: Increasingly sophisticated and well-funded attackers are turning benign devices into weapons that are threats to businesses, industries and even nation states. With the scale and frequency of attacks seen today providing just a foretaste of what’s to come, organizations’ approach to security will have to evolve dramatically to counter this growing danger.
Characteristics of adaptive, intelligent security platforms
The foundation for building the self-sustaining enterprise is trust. Organizations must know the level of trust for every asset within their “neighborhood”—whether that’s users, devices or data. But rather than relying on people to make that assessment, the self-sustaining enterprise needs to harness new technologies such as AI and new infrastructure paradigms that can keep pace with constantly shifting attack surfaces.
With this foundation in place, the enterprise must build an adaptive, intelligent platform that can deliver a self-healing, scalable security environment. Some of the key components of this platform include:
- More sophisticated identity methods: Deploying new methods like advanced biometrics to manage persistent identity.
- Going serverless: Applications built within a serverless architecture exist as individual functions, with a strong definition for how data needs to flow between them. This enables security to model an application’s behavior and identify any changes that may indicate threats.
- Thinking about infrastructure and security as code: Software-defined security has controls designed independently of the physical infrastructure. Virtualizing in this way provides the flexibility and agility to control and quarantine small parts of the network/device.
- Becoming dynamic: As threats or risks change, the self-sustaining enterprise responds by segmenting, moving and morphing assets with a much more fluid and unpredictable approach to managing business risks, protecting assets or containing incidents.
Our vision for a secure future
A self-sustaining approach enhances existing cybersecurity capabilities through automation, machine learning, software-defined networking and new approaches to infrastructure. So how can businesses get started on this critical journey?
- Understand the availability and sustainability goals for key business processes based on acceptable levels of risk.
- Identify applications that can be logically separated from their operational components into microservices and events.
- Consider how security services can be shared for reuse/consistency, evaluate how they could be more effectively applied to microservices and events, and revisit security requirements for business functions and services.
- Identify security functions that can be provided as a virtual service through serverless and network virtualized functions of software-defined networking.
- Build a robust identity and access management system to detect and manage new and existing assets—including users, devices, data and communications—to dynamically and continuously determine how trusted they are.
- Integrate products and/or techniques that “think” and “react” with minimal human effort (for example, AI and advanced analytics) to enable the self-sustaining environment.