An expanding attack surface, multiplying threats and a proliferation of tools have organizations seeking to streamline and strengthen their cybersecurity posture.
“Organizations struggling with mounting everyday cyber risk are looking to gain more control, visibility and automation and improve suspected-breach context,” said Jeanne Malone, security sales representative for General Datatech (GDT), an IT solutions provider and network integrator. “They know attackers do not think the way organizations design their technology controls, often with siloed security controls, compounding the cyber risk with a fragmented perimeter and multi-cloud strategy.”
Even with an average of 76 discrete security tools – compared with 64 in 2019 — organizations remain susceptible to increasingly sophisticated cyberattacks. For example, with 10,666 new ransomware variants in the first half of 2022 new threats almost doubled from the 5,400 detected in the previous six months, according to the most recent FortiGuard Labs Threat Landscape Report.
“A lot of organizations are starting to rethink their approach to cybersecurity because it’s difficult, costly and time consuming. They have to maintain skill sets in all the technologies (they use), and some businesses are paying for multiple solutions that may be interoperable or overlapping,” Malone said. “They are looking at it from a risk-based approach and business perspective.”
Organizations are increasingly aiming to reduce and simplify security tools and leverage an integrated foundational security layer to improve visibility, alert context,and reduce the time to respond through a cybersecurity mesh architecture approach. A cybersecurity mesh architecture is a collaborative ecosystem of security tools designed to provide protection everywhere it’s needed, anywhere in the network.
“This mesh architecture allows organizations to manage their security foundation and add where they need to, as applications increase and move to multi-cloud environments amid the shift to hybrid and remote workplaces, Malone said. “You eliminate gaps, intelligence is shared, and you can act quickly.”
Building advanced cybersecurity
By 2024, organizations adopting a cybersecurity mesh architecture will reduce the financial impact of individual security incidents by an average of 90%, according to a June 2022 report from Gartner. There are four layers in the architecture, the research firm says.
In building layers of security controls that cooperate with each other, organizations can shield themselves from threats such as phishing attacks, viruses and malware. Assets can be secured whether they are on-site or in the cloud. These security layers can help organizations reduce the amount of time previously spent analyzing many non-integrated systems and offer better contextual alerting and automation.
Additional benefits of cybersecurity mesh architecture, Malone said, include:
As they modernize their security foundation, organizations will also realign their security and identity vision with their architecture, she said.
Considerations for modernizing technology investments
A security roadmap is essential to remaining competitive in today’s technology revolution, Malone said. “Identity and security architectures (alone) have not kept pace with rapidly changing demands,” she said.
Integrating the organization’s chief information security officer (CISO) into strategic business conversations is critical to building a risk framework that supports a changing business model. “CISOs need a seat at the table because the business needs will influence how you drive your security,” Malone said.
An organization should also continually consider its business assets when planning its technology investments. “You always have to come back to your plan, reassess your risks and optimize. It’s a living, breathing plan,” Malone said.
While there are many security vendors to choose from, there are only a few that can truly deliver on the mesh architecture that Gartner recommends. One such vendor is Fortinet. Fortinet has been delivering a mesh concept with their Security Fabric platform for 10 years. The company has a broad portfolio of security-focused solutions that are easily integrated with each other and share a common operating system for cohesiveness, responsiveness and operational efficiency. In addition, they have an open ecosystem that allows organizations to leverage existing investments by offering application programming interfaces (APIs) and connectors to share security policies with other vendors.
With an evolving road map and a mesh architecture that streamlines and strengthens cybersecurity, an organization is better suited to stay ahead of the multiplying, sophisticated threats arising across expanding attack surfaces.
GDT designs, builds, delivers and manages IT solutions and services for customers of all sizes and from a wide variety of industries. Learn more.
Founded in 1996, GDT is an award-winning, international multi-vendor IT solutions provider. GDT specializes in the consulting, designing, deploying and managing of advanced technology solutions for businesses, government and health care.