Securing the Shifting Cyber Security Landscape with Collaboration and Consolidation


Collaboration will be a crucial piece in the CIO’s arsenal as more businesses look toward consolidating and centralizing IT infrastructure. Consolidation brings many benefits – from improved management to cost savings and better network visibility.

The distribution of today’s networks, powered by digital innovation and the recent remote working culture, has had a tremendous impact on security. Universal access to applications and connected resources, from any location, on any device may seem like a great idea; however, it can create a few challenges that businesses may struggle with.

As new network environments are adopted, IT teams have had to deploy multiple security solutions for every new segment. According to a study by IBM, organizations are using more than 45 different security solutions on average, deployed across their networks.

This level of vendor and solution sprawl does not enhance security; instead, it diminishes the ability of IT teams to detect and defend against active attacks. Most of these tools are point solutions that function in isolation: they do not participate in coordinated threat responses or share threat intelligence with other solutions. Moreover, it is not possible to centrally manage and distribute policy or ensure consistent enforcement.


Addressing this issue should be the top priority for businesses, and the best way to do so is with a two-fold approach focused on consolidation and collaboration.

Consolidation

Many organizations have initiated consolidation efforts to reduce the number of vendors and solutions deployed in their networks in order to address the issues affecting visibility, control, consistency, and response. But consolidation should not just be about reducing the number of vendors organizations are trying to manage; it should also be about selecting the right vendors and solutions designed to enhance the functionality of the solutions in place.

Interoperability between the solutions is crucial. Regardless of where they have been deployed, security tools should be able to leverage common security intelligence feeds and share alerts and threat data with other security tools. The IT team needs a common source of threat intelligence so that it can correlate data from across the network and identify threats swiftly.

It should also be possible to launch a consistent and coordinated response to detected threats, using a variety of security solutions distributed across the network. The most effective way to do this is by building a common security framework using an integrated security platform.

A security platform should be deployable in any environment, from industrial to traditional workspaces. It should be available in any form factor, from desktop devices to high-performance appliances, VMs, and software applications.

A platform should be capable of supporting any edge, including data centers, private clouds, SD-WAN deployments, LANs, OT, IoT networks, and desktops. And given the current remote working culture, it also needs to be deployable in the cloud as a service to remote workers.


Collaboration

A platform is only part of the solution. There will always be security elements that do not function natively in a common platform. Hence, it is crucial to also choose solutions built with common standards and APIs. This ensures that threat feeds can be accessed consistently, threat intelligence can be shared freely, and threat responses can be launched anywhere across the network, utilizing every security tool at the team's disposal.

There are other options in the case of essential solutions that cannot be easily integrated into the larger security framework. More prominent organizations with mature operations often adopt a SOAR solution to coordinate their distributed security system through their NOC and SOC environments. Some depend on SIEM technologies to collect intelligence and coordinate responses across various solutions. However, today, enterprises with a less mature IT infrastructure can also utilize XDR solutions to promote coordination.
