Achieving More Effective Threat Detection and Response with Cybersecurity Mesh Architecture


As part of their digital acceleration projects, companies must start embracing and implementing an integrated approach to security. It’s the only way to get the reduced complexity, simplified processes, and adaptive security that today’s business operations demand.

Cybersecurity deployments have evolved to match the complexity of the networks they are attempting to secure. This isn’t a good sign. Organizations have been compelled to quickly adopt new technologies and expand their networks due to the demands of digital acceleration. Security is often applied as an afterthought. As a result, according to IBM’s “Cyber Resilient Organization 2020” research, businesses have 45 security products deployed on their networks on average. Few of them were designed to work together as a system, making centralized management and automation difficult.

For many IT teams, the ensuing vendor sprawl has become a significant concern. Detecting and responding to a security incident becomes progressively more difficult when visibility is scattered over numerous consoles. That’s because, according to the same study, responding to a cyber event necessitates coordination across 19 of these tools on average. In addition to a lack of interoperability, organizations must also deal with feature overlap, which may cause turmoil on the back end when it comes to handling things like configurations.


Many businesses wind up creating complex workarounds that must be managed and adjusted on a regular basis whenever a device is upgraded.

Cybercriminals have been all too willing to take advantage of the resulting uncertainty when businesses just throw money at their cybersecurity problems. The number of attackers and attacks successfully targeting the complexities, silos, and visibility gaps that naturally come from such complex and dispersed security setups has increased dramatically in the last year.

Employing a Cybersecurity Mesh Strategy

As per Gartner Top Strategic Technology Trends for 2022, Cybersecurity Mesh Architecture (CSMA) is one of the top cybersecurity trends for 2022. To provide centralized management and analytics throughout the extended network for more effective threat detection and response, CSMA merges best-of-breed planning with an integrated set of security tools, APIs, and common standards. According to Gartner, companies that implement a CSMA strategy by 2024 will reduce the financial impact of individual security incidents by an average of 90%.

Cybersecurity Mesh Architecture

A Cybersecurity Mesh Architecture entails much more than just putting disparate infrastructure components and deployments under control via cross-integration. It also needs to connect security technologies to the underlying network to make new technologies and services easier to implement. As the network grows to suit changing business needs, the interwoven security fabric adapts to the changing infrastructure of applications, devices, and services it is tasked with safeguarding. A cybersecurity mesh should also be tightly linked to solutions that combine networking and security, such as ZTNA or Secure SD-WAN integrated into a next-generation firewall.

Achieving this will take considerably more than the current workarounds being used to connect various legacy security technologies. A cybersecurity mesh platform should be fully integrated for consistent policy enforcement, widely deployable to view and protect every nook and cranny of the network, and fully automated to identify and respond to attacks without the need for human interaction. Such an approach is critical for decreasing complexity and enhancing overall security effectiveness, particularly for new, complex trends like work-from-anywhere.


Even as the network evolves, technologies should be built to operate together to ensure and maintain deep visibility across all edges. The resulting security fabric should allow for centralized management of distributed systems, resulting in unified visibility and policy enforcement. Integrated systems must also use a unified threat intelligence database to ensure that all tools are looking for and responding to the same alerts and threats. Third-party integrations should help detect known and unexpected attacks and automate actionable responses across hybrid environments.

While integrated technologies are critical for every CSMA deployment, they aren’t the only consideration. Even the best plans might be derailed by restrictive and rigid licensing systems. In addition to establishing integrated and open technologies, organizations need dynamic licensing schemes so their security can easily expand up and out across any environment. Only then will a cybersecurity mesh architecture be able to deliver reliable, real-time protection as the network adapts to changing user, connectivity, and business circumstances.

Fortunately, implementing a cybersecurity mesh architecture is not one of those far-fetched ideas that will take years to achieve. All of this is, in fact, now available. What needs to change is how individuals think about security and how they implement it.
