Cloud Security, Security Strategy, Plan, Budget

How to leverage security automation to accelerate digital transformation

Shell uses analytics to anticipate downtime at drill facilities, saving time and money on inventory management. Todays columnist, Karl Van den Bergh of Gigamon, says companies can take a step further with analytics and leverage them to automate security processes. Credit: Photographic Services, Shell International Limited
Shell uses analytics to anticipate downtime at drilling facilities, saving time and money on inventory management. Todays columnist, Karl Van den Bergh of Gigamon, says companies can take a step further with analytics and leverage them to automate security processes. (Credit: Photographic Services, Shell International Limited)

When the massive rush to work-from-home started back in March 2020, InfoSec teams were forced to make tough decisions. Some moved internal applications to the demilitarized zone (DMZ), which unfortunately exposes the organization’s services. Others tried to move internal applications to the cloud. This resulted in the rapid expansion of remote access. If those changes were made in a patch-work fashion, performance likely suffered and risks increased.

At the same time, companies can lose or muddy visibility because of remote access. However, when those changes are made with a “fabric” mindset, it decreases risk and improves performance. Companies achieve this by embracing  a single-pane-of-glass management and monitoring architecture that offers simplified workflows for traffic policy configuration, end-to-end topology visualization, and hierarchical grouping based on location and customizable dashboards. A fabric mindset makes expanding remote-access VPNs and monitoring them with security tools much easier.

Now that the workforce will remain fluid for the foreseeable future, it’s time to adopt this mindset proactively and make those emergency measures sustainable and scalable for the long haul. The following five steps will help InfoSec leaders balance the acceleration of their digital transformation (DX) journey, while reducing the burden of infrastructure complexity, especially during these uncertain times:

  • Achieve pervasive visibility. This visibility must span on-premises, private, public and multi-cloud environments in a consistent way, leveraging a common visibility architecture. Cloud initiatives have been accelerated to support the distributed workforce, putting an incredible amount of stress on the InfoSec team and infrastructure. As more companies adopt a hybrid cloud approach, having a clear line of sight into the network and application layers becomes increasingly important. Maximizing visibility ensures an uninterrupted view of all the data, applications, and users on a company’s physical, virtual, and cloud network. In the past, visibility has often been deployed ad-hoc, in support of a single tool project, but with visibility deployed first, multiple tools can see, monitor and secure the network.
  • Glean intelligence from that visibility. Applying data-driven analytics helps InfoSec teams make better decisions and automate their workflows. In fact, a Ponemom report found that 60 percent of IT leaders said automation helps to reduce the stress of their organization’s IT team. Now’s a good time to use insights from this aggregated data to understand potential bottlenecks in the infrastructure, such as security tools with irrelevant application traffic that are compromising tool effectiveness, and simplify them. Or to deliver insight-driven recommendations to incident responders as to the most effective next steps in mitigating the potential impact of a detected threat. 
  • Embrace automation. As InfoSec teams are forced to do more with less, automating mundane tasks becomes critical. Automating the intelligence gathered in the previous step frees up the InfoSec team to focus on the larger challenges and risks at hand. Configuration deployment has been an important area of focus for automation in the past and management tasks get even easier as we connect systems to orchestration. In the past, optimizing the delivery of data to service triage and performance management tools was complex, but it happens automatically today. We forget how much of this we have automated in the last decade. The fabric mindset offers a key benefit: use information-in-motion, collected and transformed efficiently, to drive increasingly more valuable insights, such as application intelligence or the identification of threats traversing the network with as little human intervention as possible.
  • Invest in human resources and capital. Even with an increase in automated tools and technologies, it’s still important to have skilled, experienced teams to analyze data and insights. When human talent and knowledge gets combined with automated insights, companies can maximize the benefits from the increased visibility.
  • Rethink security protocols to reflect today’s environment. We must adjust our tools, policies and IT infrastructures to meet the growing network demands caused by the global move to remote work this past year. Even when we do return to the office, a hybrid model with most still working remotely will become the new reality. We must ensure we can keep organizations secure remotely, in the office, or wherever employees might happen to work.

Today’s extreme demands on IT infrastructure and on the people responsible for its performance and security highlight the urgent need for simplification, efficiency and improvements so organizations can successfully accelerate their DX journeys. The evolving threat landscape, influx of network traffic, and zero tolerance for errors have simply outstripped human capacity. Progress gets clouded by complexity challenges (and budget constraints), especially as we’ve been forced to move at such a rapid pace toward the future. InfoSec teams that had already adopted a fabric mindset had software systems doing much of that work for them, which let them deliver a smarter, more proactive approach to network management, monitoring and security. From home and with minimal access to physical systems, they worked to deliver fully-optimized performance monitoring and data security tools. They could do all of this while sleeping well at night, because threat detection and response had already been enhanced to address the changing attack profiles. The fabric mindset, orchestration and automation let these InfoSec pros do more, faster.

If companies adopt the fabric mindset, they can achieve scalable visibility into all information-in-motion, from raw packets to applications, based on a common architecture that spans physical, virtual and cloud networks. By eliminating blind spots and simplifying management, we can work together to adapt, act, and learn how to better address the next phase of the fluid workforce. There’s a lot of work ahead, especially as we all begin to think about returning to physical offices and data centers, but we’ll all become more efficient if we let software automation  carry some of the load for us.

Karl Van den Bergh, chief marketing officer, Gigamon

Related

New Muddled Libra attacks set sights on cloud

Attacks by the Muddled Libra threat operation — also known as UNC3944, Scattered Spider, Scatter Swine, and Starfraud — have been redirected at cloud service providers and software-as-a-service apps as part of efforts to bolster its data extortion efforts, reports The Hacker News.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.