The challenge of securing our networks is accelerating, primarily in direct response to digital transformation efforts that are expanding the attack surface. Cybercriminals are all too eager to exploit new attack vectors and take advantage of new limitations in our visibility and span of control.
The problem is that too many of our security solutions not only operate in relative isolation—meaning that they don’t do a very good job of sharing threat intelligence with other security tools—they also still tend to be perimeter-based, which is ironic given that the industry has been touting borderless networks for quite some time. Part of the problem is that even as the border is eroding, we still tend to think of our networks in traditional terms, with an assumption that the data center sits at the core, the network is reasonably static, and that all other elements — mobile users and devices, branch offices, and multi-cloud environments — branch off from that central network in a hub and spoke design.
Today, however, data is highly distributed, and the perimeter is not only disappearing, it is being replaced with a sophisticated, meshed network of networks made up of components that are not only virtual, but are frequently temporary.
So it is not unexpected that security entrepreneurs would see this new threat landscape as the ideal time to introduce new products into the market. But for organizations looking to expand or upgrade their security, there is literally too much information to consume. The recent RSA conference was a perfect encapsulation of the problem. Over 30,000 attendees interfaced with over 400 security vendors, each of which was promoting their security widget as a critical lynchpin in any security architecture.
But without universal performance standards and no governing body to review and verify the claims made in marketing materials and on spec sheets, consumers are forced to base critical decisions on information that could come, quite literally, from anywhere—with nothing but vendors’ assurances to back them up. For those of you new to this, imagine self-diagnosing all your medical decisions based on pharmaceutical advertising—with no FDA, no standards for the claims being made, and no way to verify the benefits and risks—and you will have an idea of what most CISOs and their teams must contend with when selecting digital security vendors and services.
Unfortunately, such decisions are not only very expensive, they also have a significant influence on a wide range of current important future security decisions and positions, such as critical and sensitive data being increasingly distributed and constantly in motion.
To help organizations struggling not only with the expanding threat landscape, but the growing solutions landscape as well, here are a few strategies for cutting through all of the hype:
Adjusting our traditional security paradigms is a matter of shifting from a micro to a macro focus when looking at potential security solutions. Organizations require solutions that allow a unified security strategy to be applied to every device, regardless of its function or location, so you can see farther and engage more effectively with less overhead.
In today’s meshed and increasingly perimeterless networks, security teams need to be able to identify everything connected to their ecosystem—including its state and configuration, validate requests for access, and monitor and encrypt all traffic. This requires vendors and security professionals alike to consider security devices less in terms of features, and more in light of their ability to participate as an integral part of an integrated security strategy that solutions not only share and correlate threat intelligence, but that can also actively participate in any coordinated response to detected threats.
Find out how Fortinet’s Security Fabric delivers broad, integrated, and automated protection across an organization’s entire digital attack surface to provide full visibility, reduced complexity, and end-to-end coverage.
Learn more about how Fortinet’s multi-cloud solutions provide visibility and control across cloud infrastructures to secure applications and connectivity.