The information and cyber security industries faced more than a few challenges last year, including new regulations, technology innovations and numerous high-profile data breaches.
Data breaches are, of course, nothing new. The difference now is the size and scale of these breaches and the nature of the sensitive and critical data stolen; hackers have moved on from email addresses to instead seek out passport numbers and CVV data from credit cards, and are able to spend far longer strolling around an organization’s network without being detected.
The Marriott International data breach from November 2018 was a prime example. Hackers had been able to access the network for four years with no unusual activity detected or any alerts raised. It has since been revealed that approximately 5.25 million unique unencrypted passport numbers were part of the vast volume of data stolen.
Supporting IT evolution
Organizations have evolved beyond perimeter-only security models to increasingly lock down data – both at rest and in motion. A fundamental part of this is encryption, but to be effective, encryption must enhance, not constrain, IT evolution.
However, embedding cybersecurity solutions into an organization’s network creates a number of challenges in itself:
- Higher complexity
- Scalability becomes a real headache
- Key management and key rotation become almost impossible across large estates
What’s more, as organizations have layered technology on top of technology, the technology stack itself has become complex and huge amounts of resources and operational overhead are needed to manage it. In today’s digital world where flexibility and business agility should be at the top of the agenda, having an unresponsive security solution tied to the network is just not an option.
Introducing Information Assurance
Encryption needs to be deployed as a function within an Information Assurance (IA) security overlay, on top of an organization’s existing network and independent of the underlying transport infrastructure. This makes the network itself irrelevant, with emphasis instead placed on applications and IA posture.
This approach also has economic and commercial benefits. Taking security intelligence out of the network allows it to focus on its core task: managing and forwarding traffic. With routers and switches no longer needing large security feature sets, organizations can save money and resources and invest them in a true IA security posture with data protection at its core.
Additionally, introducing a software-defined approach to data security ensures the data is protected in its entirety, regardless of the network or transport it crosses. The approach enables centralized orchestration of IA policy and centrally enforces capabilities such as software-defined application segmentation using cryptography, key management and rotation. Segmentation brings further benefits through its ability to block lateral movement once an attacker has breached the perimeter defences.
It’s no secret that key changes to security strategies throughout 2018 could have prevented or reduced the impact of numerous high-profile data breaches, and it all comes down to a change in mindset.
Get in touch with our team to find out why, this year, the emphasis needs to be placed on data security and IA, with security deployed as a network overlay.