Have pity on the poor CISO of any company you wish to name.
As their organizations migrate deeper into an intensely interconnected digital ecosystem, CISOs are facing cyberattacks raining down on all fronts. Many work with siloed security products from another era that serve only as speed bumps. Meanwhile, security teams are stretched and on the fast track to burnout.
Help is on the way. At RSA Conference 2022, which opened today in San Francisco, new security frameworks and advanced cloud-centric security technologies will be in the spotlight. The main theme is to help CISOs get a clear view of all cyber assets, be able to sensibly triage exposures, and then also become proficient at quickly mitigating unavoidable breaches.
Easier said than done, of course. I had the opportunity to discuss this with Lori Smith, Director of Product Marketing at Trend Micro. With annual revenue of $1.7 billion and 7,000 employees, Trend Micro is a strong leader in the ongoing transition to a more holistic approach to enterprise security, one much better suited to the digital age. For a full in-depth look at our discussion, please listen to the accompanying podcast. Here are the main takeaways.
Just a few years ago, BYOD and Shadow IT exposures were hot topics at RSA. Employees using their personal smartphones to download exciting new apps were a nightmare for security teams.
Fast forward to today. Businesses are moving towards a vastly expanded and increasingly interconnected digital ecosystem. The attack surface of corporate networks has expanded exponentially and new security vulnerabilities are appearing everywhere.
Additionally, the rapid increase in a remote workforce, as a result of Covid-19, has only served to accelerate the migration to the cloud, as well as increasing the network exposures that come with it. Unmanaged smartphones and laptops, misconfigured SaaS (Software as a Service) applications, and unsecured Internet access are more of a business risk than ever.
“The increased number of these cyber assets means there are more potentially vulnerable cyber assets,” Smith says. “This opens up an even larger and more profitable attack surface that cybercriminals are only too eager to target and exploit.”
In this hyperkinetic environment, a busy CISO must be able to visualize risk at a high level, as if moving in slow motion, and then make smart strategic decisions. No single security solution does this today; there is no miracle solution. And the usual set of security tools – firewalls, endpoint detection, intrusion detection, SIEM, etc. – typically organized in siloed layers to protect on-premises networks, is also insufficient, Smith says.
See, assess, mitigate
In life, solving any complex challenge often comes down to getting back to basics. Businesses can take several viable paths to start doing this when it comes to network security. Trend Micro advocates that a more holistic security posture can be achieved by securing three fundamental capabilities.
The first is the ability to see everything. Businesses need to have a clear view of every component of on-premises, private cloud, and public cloud IT infrastructure, Smith says. It’s not a snapshot; it’s more of a process of continuous discovery of ever-changing tools, services and behaviors, she says.
Observes Smith: “It’s about getting visibility into all cyber assets, internal and external, and answering questions like, ‘What is my attack surface?’ ‘How far can I see all the assets in my environment?’ ‘How many assets do I have?’ ‘What guys?’ ‘What types of profiles do my assets have and how is this changing over time?’”
The discovery and continuous monitoring of all cyber assets enables the second essential capability: performing strategic risk assessments to gain important insights into the state of their cyber risks and security posture. Need a roadmap? CISOs need only follow the principles developed over the past 200 years by the P&C insurance industry.
It comes down to taking an informed approach to sorting out cyber exposures, Smith says. Organizations need a better understanding in order to prioritize the actions that will help them reduce their risks the most. That understanding identifies the security controls that need to be in place for a given cyber asset. For example, strong authentication and least-privilege access should be essential for sensitive assets, but may be unnecessary for benign assets.
The third capability relates to risk mitigation. Data analytics and automation can be applied very effectively to dial in the optimal mix of security and agility, at scale. “It’s about applying the right controls,” Smith says. “Whether it’s automated remediation action using security playbooks or proactive prioritization and implementation of recommended actions to reduce risk.”
Towards global security
It’s remarkable – and telling – that Trend Micro got its start in 1988 as a vendor of a siloed security product: antivirus software. The company has evolved to keep pace with changing network architectures and a threat landscape in which threat actors always seem to be several steps ahead of security teams.
Trend Micro One, its unified security platform, along with its XDR capabilities, represents the latest iteration of its product strategy. Consolidating native Trend Micro tools and services with integrations from partner solutions will help organizations put aside their siloed defense mentality and achieve comprehensive security in a powerful way.
“For effective security, you need to have protection, detection, and response in place,” Smith says. “And you need to have this ongoing attack surface discovery and risk assessment in order to prioritize your actions and optimize your security controls appropriately. . . . I think that’s why we’re seeing security platforms, in general, gaining momentum; because today’s environment demands this holistic approach.”
The rise of security platforms optimized for modern networks is an encouraging development. It’s early; there is more to come. I will monitor and continue to report.
Byron V. Acohido, Pulitzer Prize-winning business journalist, is dedicated to educating the public on how to make the Internet as private and secure as it should be.
(LW provides advisory services to the vendors we cover.)
*** This is a syndicated Security Bloggers Network blog from The Last Watchdog written by bacohido. Read the original post at: https://www.lastwatchdog.com/rsac-insights-security-platforms-arise-to-help-companies-discover-assess-and-mitigate-cyber-risks/