H
How would you describe the
current threat landscape?
The volume and velocity of threats
continues to explode. There are many
reasons for this explosive growth,
starting with the fact that the bar for
accessing malware is lower than ever
due to the availability of Malware-as-a-
Service (MaaS) and other on demand
services on the Dark Net.
Advanced threats are becoming more
sophisticated at the same time. Many are
now multi-vector, concurrently targeting
different points on the expanded attack
surface in coordination.
All at once, an attack can blitz an
organisation from a central data
centre out to the network edge,
targeting a full spectrum of endpoint
devices and applications across
on-premises and cloud environments.
These advancements are also making
it more difficult to detect and respond
to breaches.
How have Digital Transformation
initiatives impacted the
attack surface?
Driven by the desire to move faster
at global scale and to transform
customer experiences, companies
are reconsidering how they run their
businesses – and Digital Transformation
(DX) is at the forefront. Despite the wide-
ranging business advantages DX offers,
it also comes with new challenges.
FEATURE
Specifically, as DX touches a myriad
of technological aspects and extends
from the data centre and enterprise
campus to the edges of the network and
cloud, the network perimeter essentially
dissolves, exposing additional risks
while ratcheting up the complexity of an
already-complex security architecture.
This expanded,
dynamic attack
surface dissolves
the once well-
defined network
perimeter and the
security protections
associated with it.
Sensitive data can now reside across
multiple clouds and is within reach of a
growing array of deployed IoT devices.
Traffic moves across the public Internet
instead of private networks and extends
to the edges of the network – from
mobile devices and wireless access
points to operational technology (OT).
This expanded, dynamic attack surface
dissolves the once well-defined network
perimeter and the security protections
associated with it.
Seeking to address the new
vulnerabilities posed by this new
network reality, many organisations
have deployed an array of largely
disaggregated point security products.
This de facto security architecture is
disconnected, engendering multiple
security and compliance gaps and
inefficiencies that, ironically, diminish
holistic protection.
Alain Sanchez, Senior CISO Evangelist
at Fortinet
www.intelligentciso.com
|
Issue 21
Disaggregated security also wastes
staff resources by requiring manual
workflows and administration. Worst of
all, this increases risk to organisations
and security teams find themselves in
a perpetual reactive mode with regards
37