If payment is not provided, expose the data on the Internet which is either incriminating or will significantly impact a revenue stream the business is counting on.
Security, on the other hand, still lives in the pre-Cloud era.
Even while new frameworks to secure the enterprise are available, security still relies on old methodologies even in an era of Cloud and AI. In fact, security often rebuilds solutions of the past to protect our future.
Born in the pre-Cloud timeframe, it, in the majority of cases, the enterprise firewall is the security tool the company relies on.
Thus business and security need to align by embracing two frameworks.
The concept is to build a resilient security strategy based on protecting the assets which matter most to the company.
Framework Two - SSE. The second framework to consider is the Security Service Edge.
SSE is a solution coined by the analyst firm Gartner in 2019 as part of the larger umbrella, Secure Access Service Edge.
What SSE looks to do is extend security services to where they matter.
Services to meet the employee, the data or the application where they live.
It starts by creating a security fabric using what are called Points of Presence where services such as secure web filtering, SaaS and data controls along with risk-based authentication measures are leveraged.
With SSE, these same services are improved and transitions to a Cloud delivered security service which operates as a cohesive, unified platform extended across the globe as opposed to living in a central corporate data center.
With SSE, traffic is routed to a global network where it can be both optimized and secured to provide both speed and security.
SSE can also leverage the concepts of zero trust to provide employees and 3rd parties access to only the applications and data they require to conduct their role in the business.
Second, with SSE, traffic can be inspected for indicators of compromise.
As SSE leverages the power of the Cloud, encrypted packets can be decrypted at scale.
You can apply treatments such as data loss prevention technologies to check whether sensitive files containing social security numbers are being downloaded from O365 and sent to Dropbox.
Lastly, you can control the IT landscape of applications with an SSE based Cloud Access Security Broker.
It's time to retire the static defenses of the past and align the business with security.
While the enterprise firewall will remain as a tool in the toolbox for security, making the move to zero trust and SSE will provide the active defense required in today's threat landscape.
This Cyber News was published on www.cybersecurity-insiders.com. Publication date: Fri, 12 Jan 2024 23:13:04 +0000