Assessing the reality of security breaches

Gaps in traditional security – Why do gaps keep appearing year after year?

Dr. Ratinder Paul Singh Ahuja

Why do gaps keep appearing year after year? While the reason behind this is rather simple, the solution isn’t. In this article, Dr. Ratinder Paul Singh Ahuja makes an assessment of the security breaches and discusses what security will need in the future in order to deal with an ever-evolving infrastructure.

The recent Marriott breach – just after the Equifax incident – showed that traditional approaches to security aren’t working. Cliche? Maybe – unless you’re on the security teams having to deal with the aftermath of these breaches. Why do gaps keep appearing year after year?

The reason is simple (though the solution isn’t). Gaps appear because IT Infrastructure keeps changing in perpetuity. For example, consider these recent, major changes in our computing landscape:

  • Endpoints became closer and more mobile. Antivirus was the status quo for years, but it stopped working, which gave birth to Endpoint Detection and Response (EDR).
  • Enterprise perimeter evolved with the onset of SaaS. In turn, the industry gave us cloud access security brokers (CASB).

Where is the next major shift going to happen? In the data center. In the past, the data center was a walled garden in a confined and specific physical location. It has now dispersed across a multi-cloud infrastructure. The data center has become virtualized in the multi-cloud and all over the place.

The numbers speak for themselves. Misconfiguration is *the* major contributor to breaches and other security flaws in the cloud. According to IBM, bad configuration jumped by 424%, accounting for nearly 70% of compromised records over the year. Not surprisingly, this has slowed cloud adoption. Computing Cloud Review 2018 noted that 86% of organizations cite data breaches and loss as the primary reason they hesitate to adopt the cloud. But the cloud is a freight train few can stop. By 2020, Gartner predicts 75% of organizations will have deployed a multi-cloud or hybrid cloud model for their IT needs.

So let’s take a serious look into what gaps need to be overcome in order to properly move security to the next level:

  • Gap #1: Security is too complex and overly reliant on a chokepoint mentality. Conventional security technology focuses on containment to produce restrictions, bottlenecks, and chokepoints. In the past, data and infrastructure were contained and controlled in discrete environments due to the fear of loss and compromise. With the advent of cloud architectures and the focus on reduction of containable environments, that got screwed up. Many of our old security toys became obsolete. Worst of all, while IT enjoys the benefits of cloud computing—speed and scale—security, by contrast, gets sluggish and bloated.
  • Gap #2: The cloud is making security harder. In the good old days, security only had to secure a fixed set of physical data centers. It was a chess game having to protect data within an infrastructure. Now, with part of the infrastructure having been virtualized, other parts in bare metal and then other components in AWS/Azure, the chess game has become three dimensional (do a search on “Star Trek 3d chess” and you’ll see what I mean).

What will security need in the future to deal with an ever-evolving infrastructure? We call it Elastic Security – an approach that accepts that infrastructure will shift constantly. Your technology should close the loop between visibility and relevant security policy then instantly build the controls to make the appropriate. Organizations need an elastic approach that applies and expands security controls at will, dynamically, intelligently and with complete automation. By taking an Elastic approach to security, businesses can embrace the promise of cloud speed and scale without undercutting protection. This allows organizations to:

  • Gain pervasive insight into applications and data across cloud deployments.
  • Automatically and autonomously apply security intention no matter where data and applications are or where they go.
  • Scale to adjust in and out with dynamic environmental shifts.

Dr. Ratinder Paul Singh Ahuja

Dr. Ahuja draws from a career as a successful serial entrepreneur and corporate leader, bringing with him his unique blend of business acumen, strategic thinking, industry network and deep technical knowledge. His knowledge of innovation and emerging trends in networking, network security and data loss prevention is derived from years of industry experience, as the three startups he previously founded, Internet Junction, Webstacks and Reconnex, were respectively acquired by Cisco Systems, Extreme Networks, and McAfee. Prior to his current role as CEO at ShieldX, a U.S.-based firm that specializes in cloud security, he served as Chief Technology Officer and Vice President of the Network Security Business Units at McAfee. Dr. Ahuja holds a BS in electronics, Electronics & Electrical Engineering from Thapar University in India and a Masters and Ph.D. in Computer Engineering from Iowa State University. He has been granted 37 patents for security-based technologies and has presented in many public forums, including the Content Protection Summit, IC3, IEEE Computer Society, McAfee FOCUS and the Cloud Expo. You can follow ShieldX Networks on Twitter, LinkedIn and Ratinder’s LinkedIn page.
