7 minute read
THE RISE OF PREDICTIVE DEFENSE
from OUTLOOK 2022
by cxoinsightme
DAVID BROWN, SECURITY OPERATIONS DIRECTOR AT AXON TECHNOLOGIES SUMS UP THE YEAR THAT 2021 WAS AND OFFERS HIS TAKE ON WHAT TO WATCH OUT FOR IN 2022.
The cybersecurity industry saw some key trends emerge from defenders and attackers in 2021. The defense trends were, in almost all cases, a direct result of the threat trend — these defense trends were reactive, and for many, it was too late.
Advertisement
Key lessons from 2021
One of the growing threat trends we have seen over the last year is targeting Managed Services Providers (MSP) and Cloud Services Providers (CSP). This targeting allows an attacker to have a significant impact per attack as it can span numerous victims. MSP and CSP have value but also risk. Running on someone’s infrastructure means you lost control of how and if that infrastructure is protected.
In response to this trend, defense trending is growing in attack surface awareness, commonly referred to as Digital Footprinting. We see a slow yet growing understanding of this need. As users of MSP and CSP now have a greater need to understand their entire attack surface, not just what is left in-house.
It’s no surprise that ransomware is still the leading threat trend. As the value of crypto rises, the greater the incentive for cybercriminals. Every time a victim pays, it guarantees further attacks against others and, in many cases, repeated attacks upon themselves. In almost all cases of ransomware that we have investigated, unpatched remotely managed or cloudhosted systems were the initial point of access. These systems loop back to the defense trend of attack surface awareness.
The UAE threat landscape
In the UAE, we saw MSPs being targeted, as also the supply chain within the medical industries on several occasions. There was no vulnerability management in these cases, nor were there real-time monitoring and response services within the targeted sectors. Organisations in the UAE need to start understanding that basic cyber hygiene is core to any protection.
The world’s most fantastic AI threat prevention solution cannot save you if you leave the front door wide open with a welcome mat out and no one to check the IDs of the people walking or out of that door. The same is true for MSPs — they need to take the security of their infrastructure as a critical service, offering complete vulnerability management and real-time monitoring and response within their managed infrastructure.
Bracing for hybrid work
The evident concern is corporate assets operating outside of the controlled environment — this needs to be handled in a draconic manner. The best way to manage these devices is with combinations of application and access controls. It is deploying connection-aware host-based firewalls, remote gateway proxies, and MFA VPN solutions.
On top of this level of access control, other requirements are software inventory management, agentbased policy auditing, vulnerability management, and fully managed anti-malware, host intrusion detection/ prevention system, all with reporting to real-time monitoring and response. In a more straightforward statement, the more visibility, the greater the ability to protect, detect and respond.
Coming up in 2022
Attack Surface Management is an important area. We are predicting growth in this area, which supports the concepts of predictive defense. Once you understand your attack surface, you can create a threat landscape and threat profiles linked to cyber threat intelligence services with Priority Intelligence Requirements (PIRs) and Organisation Specific Intelligence Requirements (OSIRs).
These allow an organisation to shift from a reaction-based defense (right of boom) to a proactive-based defense (left of boom). The growth of proactive-based defense is an area where we push into 2022 and hope others will too.
RETHINKING HOW ENTERPRISES CONSUME IT
MOHAMMAD ABULHOUF, SENIOR SALES DIRECTOR, KSA, BAHRAIN & QATAR AT NUTANIX, SAYS THE FUTURE OF ENTERPRISE IT WILL BE A CENTRALISED ENVIRONMENT THAT IS MANAGED EQUALLY BY DATA ON SERVICES THAN THE SERVICES THEMSELVES.
The consumption of products and services has changed for good. We live in a consumercentric world where we switch on the television and watch the service we elect, whether that is Amazon Prime, NetFlix, or Apple TV. The point is that as consumers we have taken back the power of choice, explored what works for us, and are now able to pay as much or as little as we are willing to for the service we want.
So why should IT be any different? If we have learnt anything from the last decade it is that consumer patterns shape IT behaviour – IT no longer dictates what can and what can’t be done. Think back to the discussions around Shadow IT. Which then sets the scene for the question “why are we as an industry still billing and selling technology in protracted contracts and licenses?”
Living room IT.
Let’s talk in comparisons for a bit, as consumers we buy mobile services from a carrier, content from a streaming service, fibre from a provider and we pipe it all down to a device which can be connected in myriad ways. The whole concept can be compared to how the multi-cloud universe works.
But we still love out boombox at a house party or a braai, we are loathed to get rid of our DVDs, and we proudly collect vinyl, which is very much the onpremise part of the consumer existence. None of which is going to be replaced easily – nor should it be.
But it is a world of overlap and inefficiency with multiple sources, subscriptions and commits to multiyear contracts that are sometimes wholly underutilised.
One app to rule them.
Much like modern IT, all of these services are a nightmare to manage. If you are in a multi-cloud environment with multiple SaaS-based contracts and subscriptions, you understand the enormity of the task at hand. Knowing what you are spending the most on and what your teams are actually using to its full potential is a feat in accounting.
Now add license management to the mix and consider that vendors are trying to eke out more of your wallet than before by selling you additional capabilities and you are in an endless fight with a bloated balance sheet, yet still unsure if you see the value.
As an industry, we need to seriously start considering bringing all these services together. If as a consumer you were given a single service which you could buy all your services through, see you spend, manage your usage, and then use this data to see where there is overlap and where there is underutilisation – would you buy it?
Consolidated thinking and consolidated costs.
What IT is sorely lacking is consolidated thinking. Many services profess to help you create a view of your multi-cloud resources, SaaS apps and collaboration services, but few give a control plane for full visibility. We might know where things are, how they are working, but we need to start pooling this data to start identifying overlap to minimise inefficiencies in both cost and resources.
Now add to this the fact that we are still selling five-year licenses which we try and bloat every year by adding additional services to keep our balance sheet healthy. CIOs and IT professionals are starting to kick back – and it is about time. As much as consumers we want to pay for only what we consume so do CIOs want a model where they can scale services up or down, remove unnecessary investments when they have run their course and invest that capital elsewhere when needed.
The subscription service has been made easier to digest because of the cloud, but now we need to start adopting it into all aspects of IT. The real value IT can give a customer is flexibility. The value to the end-user is then multiplied by their ability to adapt to change. Such as the immense change they have endured over the past eight months as a result of the pandemic.
Rethink required.
How does the future of enterprise IT look? It is a centralised environment that is managed as much by data on your services than the services themselves. It is controlled through a single plane, it is managed centrally, and it is billed monthly. Allowing business, the ability to adapt, change, move and scale as and when they need to. Not when they are dictated to do so.
