Council Post: Software Is Redefining Our Notion Of Hybrid
David Schiffer is the CEO of RevBits and formerly of Safe Banking Systems (SBS). develops cybersecurity software for organizations.
The combination of two or more different things creates a hybrid. We’ve hybridized dogs for years: labradoodles, cockapoos, dobihuahuas (well, perhaps not). For the last decade or so, we’ve had petroleum-saving hybrid cars powered by a combination of internal combustion engines and electric motors. We controversially hybridize food crops with specific traits that improve resilience against diseases.
IT technology advances are creating new hybrids that help enterprises greatly improve business efficiencies. Software-driven technology is empowering small and large businesses alike to achieve much more with fewer resources. In many ways, software is democratizing many digital aspects that help drive business.
The Challenges Of Single-Function Cybersecurity
When software replaces legacy hardware-driven infrastructure, networks are able to combine mobile and fixed wireless, internet and MPLS. Apps and IT infrastructure can be hosted within private, public clouds and on-premises, and employees can work from anywhere. A hybrid architecture enables enterprises with a centralized approach to IT governance while leveraging the benefits of expanding perimeters. A hybrid IT environment can efficiently and effectively manage data and application workloads within combined on-premises, public and private cloud environments. Effective hybrid IT environments have many advantages, including greater agility, achieving cloud economies of scale, leveraging on-demand services, improving customer service, democratizing application development and boosting resiliency.
For decades, organizations have incorporated various single-function security products into their data centers and clouds. These disparate silos have included firewalls and anti-virus products, identity access management (IAM), intrusion prevention/detection systems (IPS/IDS) and more. With the growing numbers and increasing sophistication of cyberattacks and breaches, layering on single-function products adds increasing costs, creates blind spots for security teams and causes security analysts to manually swivel between consoles trying to cobble together attack sequences.
Single-function security products from different vendors are unable to receive timely alerts across the different attack surfaces. The complexity they bring, and their fragmented nature, compound visibility challenges for security teams. An alarming fact is that most security leaders will tell you they don’t know how their tools are helping them reduce security risk. The truth is, the alarming number of cyber breaches says it all.
As witnessed by the increasing number of security breaches we read about daily, having more tools doesn’t equate to a stronger security posture. In fact, they can impair visibility and create gaps in coverage. Their inability to share data requires more time formatting, analyzing and presenting it in spreadsheets manually compiled for reporting to the board and auditors.
The Advantages Of Hybridized Cybersecurity
These challenges don’t bode well for organizations already suffering from a lack of skilled cybersecurity personnel. Highly specialized staff now spend their time generating manual reports that tend to be error-prone. The lack of automation and embedded cross-functional integration only provides a single snapshot in time, making the reports stale almost immediately.
To overcome the many challenges IT and security teams face requires a different approach. Hybridization of cybersecurity functions and cross-functional data sharing and analysis within a single dashboard gives security teams the visibility and immediate responses they need to successfully defend their organizations.
Endpoint security solutions that conduct multi-phased analysis on all new executables with combined signature scanning, machine learning and behavioral analysis greatly improve results. These unified capabilities maximize the accuracy of malware detection and minimize false positives. They provide in-depth details and easy navigation for security analysts and forensic investigators.
A hybrid or unified cybersecurity platform empowers analysts and forensic investigators with greater productivity and effectiveness by correlating diverse protection measures within a single platform. Security personnel will no longer react to false positives and other non-priority events. Through automating the detection and remediation of anomalous activity among a cross-functional security stack, everything is easily viewed, enabling rapid cyber forensics with analytics and context to quickly resolve threats.
Protecting Business Operations Requires Top-Down Communications And Multi-Dimensional Security
As unified security solutions develop and mature, and become more mainstream, they will replace many separate products, to combine all aspects of the IT security ecosystem. This will reduce risk and create a more resilient security posture. And while the hybrid security road may have many twists and turns ahead, forward-thinking security leaders won’t be deterred.
Reducing risk requires a robust cybersecurity posture. However, many organizations have not fully addressed their risk or how they plan to protect themselves and their customers. Risk exposure is a top issue for executives, and boardrooms have become more sensitive to their responsibilities in overseeing the growing risk factors surrounding cybersecurity. However, board directors need greater knowledge and understanding of their cybersecurity risks and their company’s state of preparedness. Security leaders can have a greater impact by communicating with their board and providing visibility into the organization’s cybersecurity weaknesses. Educating the C-suite and board to gain buy-in and taking preventative action will pay great dividends in minimizing risk and business disruption.
Below are some preventative actions to consider:
* Employees are your first layer of defense, and education and user awareness training will help strengthen your cyber defenses.
* It’s important to keep applications, software and operating systems continuously patched, as threat actors look for software vulnerabilities.
* Reduce vulnerable surfaces by closing ports and turning off unused services, so bad actors can’t take advantage of exposed areas.
* Apply zero-trust policies, giving workers access and authorization to only what is required for them to perform the job functions.
* Deploy single sign-on (SSO) and multifactor authentication, with implementations that don’t create user friction.
* Implement email security software to block malware, phishing and zero-day attacks.
* Segment your network and apply security protocols to each segment to manage security and compliance.
Protecting against cyberthreats requires combined technologies, resources and processes. The ability to reduce the impact of an attack or breach requires detection and response automation, user training and dedication to policy design and implementation.
Originally published at https://www.forbes.com.