Management BYOD Infrastructure IoT Storage Security Privacy

Current Filter: >>>>>>

PREVIOUS

   Current Article ID:10292

NEXT



Evolving cybersecurity

Editorial Type: Security Update     Date: 11-2019    Views: 850   [More Tags]





Cybersecurity is still a young industry but it's growing fast. Theresa Lanowitz, Director of Cybersecurity Communications at AT&T Cybersecurity thinks we are at a critical point in cybersecurity's evolution

In the earlier days of cybersecurity (2004/2005), vendors targeted development and testing teams. Implementing security practices earlier in the lifecycle would prevent vulnerabilities from being exposed in production where they were much more costly to remediate. This approach put the application at the centre of the universe.

The problem was that the CISO office was not involved in the sales process. No developer or tester wanted the responsibility for security unless there was an executive mandate. As developers and testers did not buy the security tools, vendors turned to the CISO office, which was disconnected from the development teams. The CISO office believed proper development and security hygiene was handled by developers and testers during the pre-production phase.

PERIOD OF CONSOLIDATION
For about two years from 2006 we saw a consolidation of those tools targeted at developers and testers, and the new mega-security companies attempted to sell their products to them. As this strategy failed, security tools were placed in a separate division (a silo) focusing on the CISO office. But there was no executive consensus or mandate for security that bridged the development and policy level.

Fast-forward and there is now a proliferation of point product companies that specialise in one threat. Today's cybersecurity market consists of levels. The mega-vendors lacked a compelling story about why security was so important at the application level. The single product vendor is not offering a product but a feature. Because of the proliferation of point product vendors we are in another wave of consolidation with the big vendors being network and infrastructure focused, instead of software-development focused.

NETWORK CAPACITY
The reason we are progressing as a society, moving from monolithic enterprise applications through mobile applications to a completely connected and low latency world with IoT, is because of the increase in network capacity. Location-based mobile apps such as Uber or high-performing streaming services would never have been possible in a 3G world. Likewise, massive IoT scale will only be possible with the support of 5G.

While 5G standards (which are dynamic as all standards are) address known 4G vulnerabilities and 5G networks are being architected with more security than any previous network, businesses must still prepare for security threats, both existing and new, and adjust policies and practices accordingly. An expanded attack surface provides an opportunity for new threats to emerge, as well as for the potential proliferation of unpatched existing ones.

Thankfully, in most IoT conversations today, security is the primary question. Just two years ago, security was an afterthought when it came to IoT.

THE DECOUPLING FLAW
Decoupling cybersecurity from everything else has been the fatal flaw of previous security companies. Offering cybersecurity solutions alone has been tried and failed. This is why the industry is experiencing acquisition by larger network and infrastructure-heavy companies.

Enterprises are no longer operating in isolated silos. It is simply too expensive and risky. Enterprises of all types and sizes realise that their businesses are only as strong as their networks. The network is now part of the brand promise to give enterprises performance and security, otherwise customers will shop elsewhere.

We are moving to a world where customers will rely upon the trust index of a company. The higher a company is on the trust index, the better the security and performance are, i.e. zero, or managed and contained breaches, etc. These high trust companies will turn to the network and infrastructure vendors to achieve a greater trust index with a cybersecurity solution that is holistic, simple, and borne of experience. Ultimately the high trust companies will thrive.

We are in the Darwinian moment of economies, and cybersecurity has become its cornerstone. NC

Like this article? Click here to get the Newsletter and Magazine Free!

Email The Editor!         OR         Forward ArticleGo Top


PREVIOUS

                    


NEXT