In the context of digital transformation, digital Darwinism is unkind to those that wait, says Dave Allen, regional vice-president for Western Europe at Palo Alto Networks.
“The rise of Netflix and the fall of Blockbuster is one of the classic examples of the fact that in some shape or form, natural selection does occur,” he told attendees of Palo Alto’s Cloud Security Summit in London.
However, Allen said you need to recognise that cyber security is the foundation for the secure enablement of the digital revolution.
“And in this regard, Palo Alto’s philosophy is prevention-based because the aim of the game has to be to deny the benefit to the attacker. It’s about preventing them from getting in, but if they do, they must not be able to get out with anything useful.”
Palo Alto believes there are four key elements to this approach to cyber security in the cloud, namely visibility, reducing the attack surface, preventing known threats and preventing new threats.
“Visibility is the foundation for all security,” said Allen. “If you can’t see something, then you can’t do anything about it, so complete visibility is essential.”
“Reducing the attack surface is about minimising the number of ways adversaries can attack, which includes applying the principle of zero trust to ensure only the right people have access to data.”
Preventing known and new threats
Preventing known threats, said Allen, is about having all the defences in place for the malware known to be hitting organisations, whereas preventing new threats is about finding ways to detect and block attacks that use malware and techniques that have not been seen before by the security community.
“Our focus on prevention remains consistent and we are building capability around all of these things on an ongoing basis,” he said, challenged by the fact that the enterprise network perimeter has dissolved and cloud-based applications are increasingly accessed from a growing number of devices.
However, Allen said many organisations are still trying to work out how they will go about digital transformation, and when it comes to security, there is a tendency to seek to apply traditional, internal controls to the external world of cloud-based services instead of changing their approach and thinking.
“This is extremely ineffective for handling cloud, mobile and the way people are actually working in the modern enterprise, and as a result, they end up with fragmentation and complexity from the security side and the infrastructure side, manual processes that rely too much on humans leading to reduced efficiency and errors, and a mixture of application architectures as more things are being built with the cloud and using things like containers rather than virtual machines.”
All of this makes it difficult to ensure people are working safely and securely, said Allen. “Security ends up becoming a visibility and a big data game, and how to apply ‘smart thinking’ to those.” But many organisations are struggling to get an accurate overview, he said, because of the large number of disparate tools they have, all producing hundreds of alerts every week.
Correlating all these sources of security intelligence is difficult to do manually, which is also prone to error, said Allen. “Most organisations wouldn’t have the capability and, as a result, there are gaps because these things are not integrated.
“Instead, organisations should be looking to use integration, automation and orchestration to improve security and free up the cleverest security people to concentrate on the most difficult and challenging issues and investigations.”
The right approach, according to Palo Alto, is to combine great prevention capabilities with behavioural analytics and visibility across all layers of the stack.
“Great prevention is about coordinating detection with everything using a policy and ecosystem that is continually adapting to change, behavioural analytics is about being able to detect potential malicious activity by identifying anomalous behaviour associated with the endpoints, and visibility everywhere is essential,” said Allen.
In line with this philosophy and approach, he said Palo Alto is looking at the deployment of physical and virtual firewalls on the networks, deploying forensic analytics on endpoints, and a range of compliance reporting and analytical and remediation capability in the cloud.
“All that data goes into a data lake, and that is really when we start to drive visibility to every area, and by stitching all the data and investigations together, we are able to provide integrated, very specific and narrowly focused alerts, while allowing us to do other things automatically around the environment.”
Another way of visualising this, said Allen, is to think of every security control as a sensor that is collecting data to feed into the Palo Alto data lake that is used for analytics based on smart security algorithms, while at the same time acting as an enforcement point for policy by imposing restrictions and driving better behaviours.
“The model going forward is for organisations to deploy the sensors so that they can leverage the analytics and visibility to develop capability on top of that, and that capability becomes an application – a security app that can be consumed on the framework Palo Alto has deployed.
“So the point of consumption is easier and the ability to dry test and remove is easier. That’s the way we believe security needs to be consumed going forward to avoid ending up in the mess that will result from doing things the old way,” he said.
Other benefits of this approach, said Allen, are that it enables organisations to bring it all together with common policy, governance, reporting, automation, orchestration and correlation, even across a multi-supplier environment.
“Ultimately, [the vision is that] over time, it will result in a self-functioning, self-healing system, where information security professionals only spend time on the things that need human, creative investigation and intervention.