A Platform Approach to Cybersecurity – It’s simply Smarter Cybersec (Guest blog by Network Science)
The last couple years have seen a radical shift in the way companies across industry sectors and regions function. The accelerated digitization of external customer and supply chain channels as well as internal operations during Covid-19 have driven organizations to deploy multiple technology solutions in order to deliver the digital capabilities to meet business requirements and stay competitive in the new economic environment. Hybrid working models that combine remote work and office time, together with the rapid shift to the Cloud to power some of these new digital capabilities, have resulted in the proliferation of hybrid and highly distributed enterprise-IT infrastructures.
This, compounded with the ever-growing swathe of cyberattacks, has put an exceptional strain on IT departments and security teams, as they try to secure this new digital ecosystem with siloed legacy tools and approaches that simply lack the ability to enforce an integrated strategy and granular control that modern businesses now require at scale.
The vanishing enterprise perimeter and the risks it has brought
In the past, there was a well-defined enterprise IT perimeter. All users, devices and systems sat within this high-walled network. However, the continuously growing mobile workforce and digital transformation based business drivers for an extended enterprise ecosystem have resulted in an ever expanding and blurring enterprise perimeter. Furthermore, the Internet of Things (IoT) now connect numerous everyday devices, opening up previously closed systems to remote access & control.
Under pressure to quickly deliver a greater number of capabilities, technology teams implemented several point solutions – single, often standalone tools created to address very specific requirements. The same happened with Cybersecurity, with a whole bevy of point solutions deployed to stave off specific types of threats and secure the complex extended enterprise landscape. And, while deploying best of breed security solutions seemed like an obvious way forward at a point in time, the loosely coupled and poorly integrated set of security systems has resulted in a disorganized enterprise security architecture - riddled with holes, challenging to operate, and expensive to maintain.
The platform approach to Cybersecurity - A smarter way forward
Organizations, now faced with a rapidly expanding attack surface, require a simple yet integrated cybersecurity strategy to secure IT assets and information from the ever-growing and sophisticated cyberattacks. Taking a platform approach can unify the disparate security tools deployed, expand visibility and control across vectors, and ensure the enforcement of cybersecurity policies within the organization and beyond.
Today, a growing number of modern methods and emerging technologies make it possible to take the various piece-meal point products and look at them holistically as a comprehensive, integrated, and scalable whole. One emerging approach that is swiftly becoming the preferred option among progressive security and operation teams is Zero Trust.
Rooted in the principle of “never trust, always verify,” Zero Trust is designed to protect hybrid digital environments by leveraging micro-segmentation, preventing lateral movement, enabling target asset invisibility, endpoint posture checks, multi-factor authentication, and simplifying granular user-access control. It provides for precise secure access to applications and environments, independent of user, device, and location. When combined with sophisticated architectures and emerging technologies like Blockchain and Software Defined Perimeter (SDP) architecture, Zero Trust can empower a platform approach to cybersecurity, reducing security gaps caused by standalone point products, consolidating operations, and decreasing costs.
The Blockchain is an immutable time-stamped series of records that is cryptographically secure, distributed, and managed by cluster of nodes. The three core pillars of Blockchain technology – Decentralization, Transparency, and Immutability – deliver a scalable, resilient, and robust platform with the ability to serve as an integration appliance eliminating a single point of failure, a synchronization tool providing a common frame of reference between disparate, siloed security systems, and an immutable, tamper-proof store of administrative logs.
So where does enterprise cybersecurity head from here?
With employees, contractors, suppliers, and clients now requiring anytime, anywhere, instant access to applications, the migrations of infrastructure and systems to the cloud, and themes like BYOD becoming the norm, the previously closed IT environment has quickly transformed into a multi-cloud, highly networked and widely distributed ecosystem. A platform approach will enable organizations - public and private - to consolidate their security efforts, establish a well-orchestrated cybersecurity posture, and deliver protection via a cybersecurity mesh across users, servers, endpoints, and the entire distributed network. While this is easier said than done, and there is no one size fits all solution to completely safeguard against cyber threats, modern approaches and emerging technologies are available to help IT and security teams to forge a platform strategy, deliver an integrated security posture across hybrid, multi-Cloud environments, and effectively preserve the confidentiality, integrity, and availability of an organization’s overall IT ecosystem. It’s simply smarter cybersec.
Help to shape and govern the work of techUK’s Cyber Security Programme
Did you know that nominations are now open* for techUK’s Cyber Management Committee? We’re looking for senior representatives from cyber security companies across the UK to help lead the work of our Cyber Security Programme over the next two years. Find out more and how to nominate yourself/a colleagues here.
*Deadline to submit nomination forms is 17:00 on Tuesday 18 October.
Cyber Innovation Den
On Thursday 3 November, techUK will host our fourth annual Cyber Innovation Den online. This year we’ll explore efforts being made to realised the ambition set out in the National Cyber Strategy, with speakers taking a look at the progress we’ve seen to date, including the foundation of the UK Cyber Security Council, the reinvigoration of the Cyber Growth Partnership and the continued growth in the value of the sector to the UK economy.
Cyber Security Dinner
In November techUK will host the first ever Cyber Security Dinner. The dinner will be a fantastic networking opportunity, bringing together senior stakeholders from across industry and government for informal discussions around some of the key cyber security issues for 2022 and beyond.
All techUK's work is led by our members - keep in touch or get involved by joining one of the groups below.