Continuous Security Starts with Intent
It was back in August of 2011 when Hewlett-Packard, one of the most reliable PC/hardware producers of the modern age, announced that it was going to jettison some of those product lines in favor of a larger focus on software. Marc Andreessen, who was on their Board at the time, wrote a now-famous article in The Wall Street Journal entitled “Software is eating the world.”
It still is, and very much so -- and our own Tim Woods mentioned it just last week on a webinar about security intent (you can access the webinar at the bottom of this post).
Tim was talking about how the speed of business is often 7-8x faster than the corresponding speed of security. Executives want competitive differentiators among their products/services and feel becoming irrelevant. This is “The Era of Disruption” and a common driver of business decision-making nowadays.
But recent legislation, notably GDPR, have moved security to the forefront. GDPR essentially is saying “Security controls must move with the business.”
Now we have a problem at the decision-making level: how can someone outpace their competition while also keeping in pace with security needs? That’s never really been the norm of running a scaling, growing business -- security’s always been many races behind.
There are several approaches to take to bring security up to the speed of the business, including:
- Deal with the rulebase: Rulebases have been growing almost exponentially for years, and security staffing has in no way kept up. Remove unnecessary and redundant rules and focus on a streamlined, agile rulebase that frees up time for other network security projects.
- Maintain intent as the network shifts and moves: Now you move to a place that’s less about writing rules and more about declaring intent and having the network make decisions based off that intent. We did another webinar about this in April 2018 (this one with Ultimate Windows Security), where we walked through how to translate enterprise security intent to network policies and automatically enforce them, then how to orchestrate change, prevent lateral movement and shut down east-west traffic.
- Continuous security model: FireMon has long been at the forefront here. That’s a marketing-friendly way of saying “We don’t let unacceptable threats be introduced and we give an average enterprise the ability to connect with world-class, intent-based security.”
Watch the entire webinar below. Early on there’s a great sequence about how medieval castles are very similar security-wise to modern hybrid enterprises. (Really!)