Over the past couple of years, Security Operations and Response has taken center stage in helping organizations prioritize cyber events to investigate and involve business functions, like legal, risk, audit and LOB, in order to take appropriate actions to the observed incidents. While this is good hygiene, security teams are inundated with projects to secure new business processes, secure migrations to the cloud and stay ahead of regulatory demands.
The attack surface has also grown exponentially resulting from the use of more 3rd party applications, migration to multiple, cloud-based infrastructure services, and interactions with new, unconventional supply chain partners to expand the digital business in new areas. Amidst all these changes, one thing has remained a constant - enterprise users need to securely interact with the business data in a highly distributed, hyper-connected environment.
How can security leaders reduce the complexity, manage business risks and secure the environment that they don’t fully own or even manage?
Leading security vendors have recognized that simply adding more point solutions is not the answer and have begun introducing cybersecurity technology platforms to address the growing security challenges. Evidence of this can be seen on the show floor of any recent industry events: vendors are unveiling new security platforms. But as security leaders, how do you evaluate which is the right one for you? Let's look at the differences between them.
There are three primary types of cybersecurity platforms introduced in the market today:
- Data Layer Platform - Leading cloud service providers and security analytics vendors have introduced platforms to capture and store large volumes of security telemetry, to identify and respond to security events and threats. This type of platform is valuable for security operations teams as they seek to find ways to reduce the cost and complexity of gaining visibility across their cloud and enterprise infrastructures.
- Integration Layer Platform - Large, traditional enterprise security vendors have introduced platforms to integrate existing and 3rd party security solutions and implement interoperable policy management, common reporting, and/or workflow management. This type of platform is valuable for security leaders with large in-house development and systems integration teams that need to maintain a traditional security stack, while integrating with new, cloud-based security stacks.
- Solution Layer Platform - Leading enterprise security vendors have introduced platforms that offer ready-to-adopt services for targeted use cases, often converging disparate functions into one solution to address a target business challenge. This type of platform is valuable for security teams that need to become more agile, support the business initiatives and secure business transformation.
It’s paramount that security leaders evaluate the flexibility, openness and modularity of available platforms to address the security initiatives and maximize enterprise security investments. Security leaders have too many -- often conflicting -- projects to manage the business risks and communicate with the board, keep up with the rapidly changing regulations and data privacy mandates and get ahead of internal and external threats.
There are three near-term security initiatives to secure user interactions with the data in a highly distributed, hyper-connected environment:
- Secure your branch and remote offices directly to cloud.
- Protect the data you care about both in the cloud and on-premises.
- Prevent intellectual property from insiders and compromised users.
Traditional infrastructure-centric security is limited in its ability to adapt to the dynamic nature of user interactions with the data, where its used. Solution layer platforms hold promise to help security leaders simplify the enterprise security architecture with the users and data in the center of the security design thinking. It’s time to become more proactive in securing the digital enterprise.
This week, Forcepoint will be at Gartner Security and Risk Management Summit 2019 in National Harbor, DC. I look forward to meeting with security leaders, partners, and analysts to explore the types of cybersecurity platforms that can address the traditional and emerging security challenges and hearing their feedback. If you're at the summit please stop by Booth 509 and visit us in our hospitality suite on June 19th!