Businesses have struggled with cybersecurity since the dawn of cyber threats, but it is becoming more and more challenging as network infrastructure becomes more complex. What used to be a rack (or ten) of servers in a climate-controlled data center tucked away in the building somewhere has evolved into a hybrid or multi-cloud scenario with servers, applications, and data spread across the country and around the world over the internet. At the same time, DevOps, microservices, containers, and other advances in technology make the networks themselves more dynamic and volatile. It’s important for cybersecurity tools and practices to adapt to address these rapidly evolving needs.
Three Keys to Effective Cybersecurity
Regardless of the size of a business or what industry it’s in, there are three fundamental things that are essential for effective cybersecurity: visibility, context, and scalability.
One of the simplest truths of cybersecurity is that you can’t protect what you can’t see. Without an accurate inventory of every asset and service connected to the network, it’s not possible to discover vulnerabilities, identify configuration or other security issues, or detect suspicious or malicious activity on them.
Not all vulnerabilities or security issues are equal. Effective risk management and efficient use of resources require context. A vulnerability on a public-facing ecommerce web server is exponentially more critical than the same vulnerability on a server on an internal development network. IT teams need to understand the exposure of assets and the potential security or compliance impact in order to prioritize risk and allocate resources.
One of the characteristics or benefits of cloud computing, DevOps, and containers is the ability to spawn resources and expand availability as demand increases, and phase out unnecessary or unused resources when the need fades away. Cybersecurity tools need to be able to keep pace with the volatility of the cloud to ensure there are no gaps in security, and that security does not become a bottleneck that impedes network performance and productivity.
One Platform to Rule Them All
Many businesses have a vast collection of cybersecurity point solutions. In most cases, the complex web of tools is not a “strategy” in the strict sense of the word. It’s the result of cumulative band-aids applied over years. The result may address cybersecurity concerns and provide some level of protection, but it is cumbersome and ineffective—and it is not scalable.
“The issue you have today is because we have entered into a changing IT world where everything connects with almost everything,” proclaimed Philippe Courtot, founder and CEO of Qualys. “The old security techniques—segmentation, VPN, firewall, DLP—all of these solutions you are piling on no longer work because the environment is so diverse and spread out. None of these solutions are designed for that. That also underscores why we have so many data breaches–because the tools are not equipped to provide effective defense.”
The Qualys Cloud Platform seeks to simplify and streamline cybersecurity. The collection of tools and sensors is native to the cloud. It can be deployed remotely and centrally managed for comprehensive visibility. Qualys believes that a single pane of glass that can provide visibility, context and scalability is a more efficient and cost-effective approach to cybersecurity.
Focus on Risk Management, Not Integration
Another consequence of running multiple cybersecurity platforms and solutions is the burden of integration. Even if the tools themselves are adequate, the organization needs to be able to view the big picture and manage the overall security posture. Some tools are easier than others to connect and integrate with one another to correlate results, but it often requires a fair amount of effort to get different tools to work with and talk with each other. Even after all of that, the output is still not ideal.
Sumedh Thakar, Chief Product Officer for Qualys, agrees that the complexity of multiple point solutions is unsustainable. “How many tools will a company deploy individually and how much will they invest to monitor and protect all of the different networks and environments? Even if an organization has unlimited budget to buy all of the tools, each of those tools sees things from a different perspective and presents information using different interfaces and terminology.”
Experian was already on its digital transformation journey when two major cybersecurity events—the Equifax data breach and the WannaCry ransomware attack—convinced them to accelerate their efforts. Peeyush Patel, VP of Information Security for Experian, explained that the tools and processes they had were not fast enough. They needed cybersecurity at DevOps speed.
“One of the things I appreciate most about Qualys is the ease of adding components by just flipping a switch,” said Patel. “The functionality is available immediately and there is nothing to integrate.”
Patel added, “Our IT security professionals can focus on managing risk, not on integration. The Qualys agents and platform provide instant feedback. We can tell you exactly where we are at risk and the level of risk.”
Instead of figuring out how to duct tape different solutions together into something resembling a functional security posture, IT professionals can focus on risk management and address high-priority security concerns. It’s a more efficient use of manpower for the organization, and a more satisfying application of skill and time for the IT professional.
You Can’t Protect What You Can’t See
Consider the way home security has evolved. It wasn’t that long ago that we just had doors with simple locks. For greater security, you might add a deadbolt, or maybe put bars on windows. Today, many people no longer need to carry a key. There are connected devices and sensors and cameras that provide peace of mind. When someone steps on your porch, or knocks on the door, or opens a window, you’re notified. With the right technologies, you can monitor the temperature in your home from the other side of the world and receive fire or smoke alerts on your mobile device.
With network security, local antivirus and a perimeter firewall used to be enough. Over the years, that has exploded into a dizzying array of point solutions like intrusion detection systems (IDS), security information and event management (SIEM) tools, spam filtering, encryption, and a hundred other things that need to be integrated and managed.
The complexity of hybrid and multi-cloud environments and the rapidly scaling volatility of DevOps and containers demand a new approach. Organizations need cybersecurity that provides complete visibility, contextual intelligence, and scalability to simplify and streamline securing applications and protecting data no matter what their network architecture looks like.