Lead Machine Pink 160x1200

Lead Machine Pink 160x1200

iTWire TV 705x108

Monday, 25 July 2022 10:35

The rise of adaptive cybersecurity

By Stephen Gillies, APAC technology evangelist, Fastly
Fastly APAC technology evangelist Stephen Gillies Fastly APAC technology evangelist Stephen Gillies

GUEST OPINION: As the network perimeter blurs and attack surfaces expand for Australian organisations, it's becoming clear that a new defensive posture and approach is required.

Practitioners are familiar with the dynamism of cybersecurity. It may be part of the reason they got into it in the first place.

Taking one measure alone, 55 common vulnerabilities and exposures (CVEs) were recorded on average every day last year, a record. 2022 is already on track to exceed that. These vulnerabilities are spread throughout the full stack of technologies used by organisations. With systems and applications as interconnected as they are today, multiple vulnerabilities can be chained together by attackers to improve their chances at exploitation, or to escalate attacks.

Attackers also have a greater choice of potential targets and entry points to choose from, while conversely practitioners have more gates to protect and can limit traffic through their organisation.

A recent study found 75% of Australian businesses are now living with a vastly increased attack surface. The largest contributor to this is the increased use of web applications to engage with dispersed and often 'location agnostic' employees, customers, and other stakeholders. The increased number of endpoints inevitably expands the attack surface and exposes companies to new vulnerabilities. Often companies are not aware of the status of all devices accessing their resources.

In addition, the need for infrastructure modernisation and digitalisation has led to adoption of newer technologies, further expanding the risk.

While Australian CISOs may say they have everything covered, the survey found that security maturity could well be further developed and nurtured.

But our research simultaneously shows that when you dig down and talk to people lower down in the security hierarchy, the reaction and response is inconsistent at best, and all over the place at worst.

Frontline security in the SOCs are chasing to keep up with the combined impacts of a rapidly widened attack surface, changing architectures, more people working remotely and ongoing digitalisation.

In short, current cybersecurity postures are struggling to align with dynamic attack surfaces.

That needs to change.

Breaching the moat

Cybersecurity teams have traditionally focused on preventing all attacks, using what might be referred to as a 'castle and moat' approach. The 'castle' is the office network, protected by the 'moat' (the network perimeter). Everyone inside the 'moat' was trusted, not so anyone outside it. A 'drawbridge' lowered over the 'moat' allowed traffic movements to be controlled in and out.

This works on the assumption that people work within a walled, protected environment, that they are accessing sensitive data and systems mostly from within an office on corporate-owned devices.

Most organisations don't operate like this anymore. Only 18% of Australian companies say that they still have this traditional 'castle and moat' defence.

The reason for that is that this defensive model simply does not work when the network perimeter becomes blurred. It also does not offer workable prevention against the growing dynamism of the attack surface.

Adapting to change

A completely different approach to cybersecurity is required.

The desirable end state - easier said than done - is to embrace an adaptive cybersecurity posture, supported by people, process and technology - that is more responsive to the dynamism of today's cybersecurity landscape.

As research firm Ecosystm notes, "anticipating threats before they happen and responding instantly when attacks occur is critical to modern cybersecurity postures. It is equally important to be able to rapidly adapt to changing regulations. Companies need to move towards a position where monitoring is continuous, and postures can adapt, based on risks to the business and regulatory requirements. This approach requires security controls to automatically sense, detect, react, and respond to access requests, authentication needs, and outside and inside threats, and meet regulatory requirements."

Adaptation is also likely in future to involve artificial intelligence. A golden example of applying AI adaptively for cybersecurity would be to be able to detect the presence of code, packages or dependencies that are impacted by zero-days or other vulnerabilities, and to block those threats. That may be some way off yet - it would require a model, and enough time and data to train it. But it's an example of the thinking and discussion on adaptive cybersecurity that is currently taking place.

Tackling attack surface

While an adaptive cybersecurity posture is the end game, there are things Australian organisations can do in the interim to get a better handle on their environments.

An interim goal could be to better protect web applications - the single largest contributor to an expanded attack surface in Australia.

For this, development and security teams alike should embrace security-as-code and policy-as-code. Using a security-as-code approach allows developers to communicate runtime security assumptions to the application infrastructure at deployment. Limiting the types of requests that an application has to process can be more efficient as it allows pre-processing of inputs at the edge of the application infrastructure, rather than inside the application.

In addition, next-generation web application firewalls (WAFs) give teams more options to deal with threats. They allow security to be addressed in a more automated way, detecting and either logging or blocking malicious request traffic before it reaches the web application.

Leveraging WAFs and content delivery networks (CDNs) should be part of any holistic defence-in-depth security strategy, and offer a pathway to immediate protection, as well as towards more adaptive forms of cybersecurity protection.

Read 1102 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




ENABLE HYBRID CLOUD & REDUCE NETWORK LATENCY WHITEPAPER

Hybrid cloud promises to bring together the best of both worlds enabling businesses to combine the scalability and cost-effectiveness of the cloud with the performance and control that you can get from your on-premise infrastructure.

Reducing WAN latency is one of the biggest issues with hybrid cloud performance. Taking advantage of compression and data deduplication can reduce your network latency.

Research firm, Markets and Markets, predicted that the hybrid cloud market size is expected to grow from US$38.27 billion in 2017 to US$97.64 billion by 2023.

Colocation facilities provide many of the benefits of having your servers in the cloud while still maintaining physical control of your systems.

Cloud adjacency provided by colocation facilities can enable you to leverage their low latency high bandwidth connections to the cloud as well as providing a solid connection back to your on-premises corporate network.


Download this white paper to find out what you need to know about enabling the hybrid cloud in your organisation.

DOWNLOAD NOW!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments