FLUENT: Perspectives from Softcat
A CYBER SECURITY APPROACH TO CALL YOUR OWN
Organisations are rapidly adapting to deliver new digital platforms and services for their customers and staff, creating an IT environment that is constantly in flux. But your security strategy doesn’t have to be.
When it comes to cyber security, it’s all about balance. Balancing board-level expectations, infrastructure efficiencies, costs, and talent. All the while, you need to deliver on your Cyber Security Improvement Plan.
Despite spending on security solutions reaching a peak, industry surveys and breach rates consistently point to the flaws in a siloed approach, where organisations rely on a mix of standalone tools for protection. What’s needed instead is a more holistic approach to security management.
A GAME OF CAT & MOUSE
Cybersecurity is a cat and mouse game between hackers and defenders; a game with higher and higher stakes as our reliance on technology grows.
This has typically led to customers purchasing boxes too large for the majority of their contract, wasting money, or purchasing boxes that need to be replaced to support the additional bandwidth needs of our increasingly video and cloud-based IT environments.
This isn’t to put the blame solely onto our networking security vendors because providing high speed network security is hard; the processing required to decrypt, inspect, analyse and act is difficult to achieve at scale. Now, issues of scale in IT aren’t new but the network security is unique in that we require the processing to be performed on an appliance in a network location, or at least we used to.
A SHIFT IN SECURITY MANAGEMENT
The rise in cybercrime has a lot to do with changing norms and technology adoption, and the pandemic was the perfect storm for threat actors. The rapid shift to homeworking, financial pressures and mass cloud adoption gave cyber criminals a window of opportunity to take advantages of the gaps in security. They were also quick to focus more effort on timely social engineering techniques to capitalise on anxieties, fears and the chaos that COVID-19 caused. There’s also a widening skills gap affecting the cyber security sector, leading to stretched IT teams with less resource for ongoing security management and threat response. Add to the mix an expansive vendor landscape, creating fragmented visibility and manual workflows, and you can see why organisations can struggle to make the right security decisions. But within security infrastructure there’s untapped value to be found; a more holistic approach needs to be taken to give greater visibility and coverage. And an integrated security ecosystem can deliver this
HOW TO CREATE A SECURITY ECOSYSTEM
Simply put, an ecosystem is a group of technologies that work together on one platform to provide an outcome greater than the sum of its parts. Technology, all in harmony. This optimises cyber spend, increases efficacy and maximises investments, meaning you’ll be able to better respond to threats and fight back. The odds are suddenly in favour of the mice. Organisations have the flexibility (dependent on need) to take a platform or partnership approach. This can be formed by products built by separate expert vendors with a deep specialism in a specific area or technology; products built by the same vendor across a wide range of areas, so you gain a broader set of tools within the same platform; or technology built by separate vendors and represents a deep specialism but acts and functions as an integrated platform.
So, if you’re looking to shift to a holistic security approach, follow these five steps:
A security spring clean
Before you start, understand where you are now and where you want to be. Think of it like a security-based spring clean – what can you keep and what do you no longer need? It’s important to be self-critical and honest, and to do that you need input from your broader team. It’s a great opportunity to consolidate and optimise, so you need to gain a real and true picture of what’s in place as a starting point.
Set your priorities
Only when you understand what you have and what does and doesn’t work can you confidently say what you need from your security ecosystem. Are you trying to reduce your number of vendors? Do you want to simplify your security solutions? Are you looking to retain the most valuable and remove the cheaper options? Answering these questions will help you to work out the criteria for your ecosystem. There is no right or wrong answer – your ecosystem will be as unique as your business.
Duplication of capabilities can lead to unnecessary spend, complex and time-consuming management processes and an overlap of data. Look to where you can group technologies, depending on their purpose or features. This can help you to identify overlap and spot opportunities to consolidate and streamline. This, in turn, will simplify how you detect and respond to incidents.
Fill in the gaps
Once you’ve finished your spring clean, you may notice some gaps that need to be filled. For any new technologies, you’ll want to consider vendors and tools that naturally integrate together to get the best from each. If they don’t, you’ll create siloed visibility and reduce your ability to detect security events. There’s no one-size-fits-all approach; it’s entirely down to your unique business needs and priorities. Working with a vendor-neutral partner can help identify the right technologies and mature your security posture over time.
Don’t be complacent
Once you have your personalised security ecosystem in place, it isn’t job done. Staying organised is an ongoing job. Define your roadmap and always check your progress against it and monitor whether the right things have changed. And if they have, by how much. You can share this progress with the wider business to support future funding, build more trust and get backing for any projects further down the line.
A U T H O R
Adam Louca Chief Technologist: Security
Adam focuses on developing, engaging and transforming our strategic customers cyber security approach. Adam also runs Softcat’s cyber assessment services business which helps customer understand their current cyber security maturity and build roadmaps to improve.
FEELING SASE YET?
With more people than ever now working remotely, organisations everywhere are experiencing increasing network traffic; there’s greater cloud adoption; and more Software as a Service (SaaS) apps are becoming fundamental to business operations. Consequently, the majority of enterprise traffic now goes directly to the internet.
IS PREVENTION BETTER THAN CURE?
At Softcat we’ve approached our cyber security marketing differently – we’re not about scaremongering, big dramatic adverts or people in hoodies; instead we focus on what successful security looks like. However, sadly there is one point that everyone else discusses that I do agree with when it comes to cyber, which is the momentum in cyber attacks is increasing.