Today’s networks are too vast and complex to be maintained and tuned manually, and they haven’t been designed in a user-friendly way. From automated asset discovery to policy recommendations, security professionals need to adopt automation tools that incorporate an element of machine learning. This will ensure that systems and controls adapt over time without adding a management burden.
Companies no longer run on one type of network; the majority operate hybrid networks, with the balance starting to tip in favor of cloud and container environments. Unfortunately, most security tools don’t work ubiquitously across these environments and can’t readily adapt to the ephemeral nature of clouds or containers. But that’s starting to change. Security professionals should implement controls that are data- or application-centric instead of ones that rely on network constructs to function. Because networks will continue to evolve, network constructs can’t be the foundation upon which network security relies. Doing so will only add frustration and complexity to security pros’ work days (and nights).
Continuous and adaptive authentication
Per the point above, since today’s networks are not static and today’s workforces are increasingly mobile, security cannot be a point-in-time or geography-based decision. Threats can be network-borne and employees/contractors can work from anywhere; therefore, effective security controls must be iterative and adaptive to change. Authentication mechanisms for system requests (vs. people or devices) should be based on the cryptographic identity of what’s communicating on the network (i.e., hosts, applications, services) and how, not the mechanism by which it’s communicating (e.g., IP address or port). Doing so reduces the need for security teams to constantly update access control lists and individual permissions.
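The contrast described above, as an added example that is not from the original article or from any vendor's product: the same three connection events are evaluated against an IP/port ACL and against a policy keyed on workload identity. The SHA-256 fingerprint of the binary is an assumed stand-in for a cryptographic identity, and all names, addresses and workloads are constructed.

```python
import hashlib
from dataclasses import dataclass


def fingerprint(binary: bytes) -> str:
    """Assumed identity scheme: SHA-256 over the workload's binary."""
    return hashlib.sha256(binary).hexdigest()


@dataclass(frozen=True)
class Conn:
    src_ip: str
    src_binary: bytes  # what is actually running at the source
    dst_ip: str
    dst_port: int
    dst_binary: bytes  # what is actually listening at the destination


# Constructed sample workloads (stand-ins for real executables).
BILLING = b"billing-service build 41"
LEDGER_DB = b"ledger-db build 7"
UNKNOWN = b"unrecognized binary"

# Policy built on network constructs: source IP, destination IP, port.
IP_ACL = {("10.0.1.15", "10.0.2.20", 5432)}
# Policy built on identity: which workload may talk to which workload.
ID_POLICY = {(fingerprint(BILLING), fingerprint(LEDGER_DB))}


def allowed_by_ip(c: Conn) -> bool:
    return (c.src_ip, c.dst_ip, c.dst_port) in IP_ACL


def allowed_by_identity(c: Conn) -> bool:
    return (fingerprint(c.src_binary), fingerprint(c.dst_binary)) in ID_POLICY


# Constructed events: normal traffic, the same service after it was
# rescheduled to a new address, and a different binary on the old address.
EVENTS = {
    "baseline": Conn("10.0.1.15", BILLING, "10.0.2.20", 5432, LEDGER_DB),
    "rescheduled": Conn("10.0.7.88", BILLING, "10.0.2.20", 5432, LEDGER_DB),
    "unknown_binary": Conn("10.0.1.15", UNKNOWN, "10.0.2.20", 5432, LEDGER_DB),
}


def evaluate(events=EVENTS):
    """Return {event: (ip_acl_allows, identity_policy_allows)}."""
    return {n: (allowed_by_ip(c), allowed_by_identity(c)) for n, c in events.items()}


if __name__ == "__main__":
    for name, (ip_ok, id_ok) in evaluate().items():
        print(f"{name:15} ip_acl={ip_ok!s:5} identity={id_ok}")
```

The rescheduled service is blocked by the ACL until someone edits it, while the unrecognized binary inherits the old address's access; the identity policy gets both cases right without a rule change.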
One major hurdle in managing the entirety of companies’ corporate networks is oversight of multiple, disparate sets of policies and outputs. Utopia for most security professionals is one tool that can work effectively across hybrid networks and can be managed from a central console. Traditional security tools are too tied to the network environment to provide this capability, but tools like Edgewise are environment-agnostic. This gives security teams greater control of the network with less manual intervention, complexity, and aggravation.