Sergey Nivens - Fotolia

Out with the old, in with the new

Paul Key, global director security and compliance, Getronics, shares his thoughts about the need to keep track with changes in the market

Defending the network perimeter has had its day. Of course it’s important to have firewalls in place and robust malware defences.  But channel players who grasp how security has fundamentally changed, and weave it into client educational programmes, stand to generate substantial revenues.

Mobile working and cloud-based computing mean that traditional perimeter defences are no longer enough. The perimeter no longer exists in a cloud- and mobile-driven world and the typical moat-and-castle approach is no longer applicable for modern business practices.

Data flows over the traditional perimeter and in and out of the network in high volumes, whether it’s via cloud-based applications or storage, physical and virtual environments, private or public clouds.

Dramatic changes

The enterprise environment has changed drastically over the past couple of years. Organisations use both physical and virtual environments to improve service availability, become more cost effective and boost business capabilities. Mobile workforces are now a given while flexible home-based working is the rule rather than the exception.

Traditionally the channel, and the industry, has taken a siloed approach to security. There is a greater move toward security operations centres (SOCs) to provide an holistic view of security. But this tends to be large enterprises who realise that major breaches are going to hit share prices, and depending on the extent of the breach, company value may never recover. It happens.

Infrastructure gaps

A siloed approach is still common, however. By this I mean specialist vendors providing solutions to specific problems, no doubt all of them effective at what they aim to do. But this approach means that security technologies have to be attached to existing systems and infrastructure or applied at specific weaknesses. As a result gaps can be left open which attackers can and do exploit.

The world of cybercrime is always evolving, attacks are more diversified and adversaries get ever smarter. But we keep building new things on old infrastructure that never seems to get fixed. A threat can come via denial of service attacks, destruction of data and property, disruption of business, perhaps ransomware and theft of proprietary data, intellectual property and financial and strategic information.

Encryption can enhance security but it also provides malicious attackers with a powerful tool to hide command-and-control activity, giving them more time to inflict damage.

Evolution

Security must move with the times and evolve along with the IT ecosystem. In practice this means a better approach, in which security is at the heart of every component of every system. It must be designed into absolutely every component of everything we do, to provide higher degrees of protection and visibility that companies need.

It’s not just about security by design for the infrastructure tin and wires, it’s about centralised management across the entire environment including processes and applications. In a sense it’s a zero trust model in which organisations must adopt a ‘never trust, always verify’ approach. This then protects against a wide range of existing and evolving threats.

This approach, would for example, have protected against last year’s WannaCry outbreak. It would have identified operating system and endpoint vulnerabilities and monitored the attack taking place in real-time. This is typically what SOCs do but there are many businesses who can’t afford a SOC-based approach.

From the centre

But there are alternatives. Securing the environment starts with the identification of gaps, allowing for plans to be implemented to reduce business risk. A trusted provided like Getronics combined with an affordable centralised management tool, perhaps as-a-service, takes care of the entire environment whether its data travelling between a mobile device and the cloud, data storage processes, application security or network traffic monitoring.

Given the recent introduction of GDPR this approach has been given added impetus. It’s a great opportunity for the channel from an education and consultancy perspective and opens the door for greater business opportunities. But success ultimately depends on all of us working together; vendors, VARs, system integrators, resellers and so on.

If we can harness a collective focus, we’ll deliver the security that organisations need, garner a reputation for industry-leading insight and expertise, and build thriving security practises that address today’s urgent cyber security needs.

Read more on Threat Management Solutions and Services