Cyber Risk Leaders Magazine - Issue 6, 2021

Page 26



Network and Data Center Security By Guy Matthews, Editor of NetReporter

26 | Cyber Risk Leaders Magazine


urviving the pandemic has tested everybody’s powers of endurance. For individuals, and for enterprises everywhere, it has been a troubling and disruptive time. For many businesses it has been a matter of adapting at light speed to ensure survival. It has also seen several tectonic shifts at the level of IT, either accelerating trends that were already in progress or creating fresh waves, the implications of which still unfolding. “Firstly there was a shift towards the cloud and enterprise digitalization as people dispersed to work remotely,” notes Mauricio Sanchez, Research Director, Network Security & Data Center Appliance, SASE Market Research, Dell’Oro Group. “We saw enterprises that hadn’t necessarily been particularly digital, as far as their clients and workers were concerned, suddenly having to dial that in. Then there was the conversation about every business's online digital experience from a security perspective.” It was an uncertain time even for seasoned security practitioners, he says: “Then this summer, ransomware hits the front pages with companies like Colonial Pipeline getting hit hard by a massive outage of their facilities. More recently we’ve seen Russia’s Yandex suffer one of the largest DDoS attacks in history. Cyber threats weren’t slowed down by the pandemic. In fact, they have probably accelerated in many respects.” Changes in working patterns, in tandem with a rising tide of security threats, forced a lot of enterprises to think about their reliance on legacy network architecture, believes Sanchez: “The classic hub and spoke model that has worked for many decades was in doubt. It was a tried and trusted model, good at protecting the inside of the corporate network, with everything backhauled to that data center at the heart. A lot of enterprises have started to understand that this architecture no longer fits what's needed, and that’s

led to a new class of architecture solutions matched by some new enabling technologies.” Not least of these has been SASE, or the secure access service edge: “We see this as the next wave in networking,” claims Sanchez. “The vendor community has responded to enterprise pressure with this intersection of networking and security, by providing a converged networking and security solution.” So what, wonders Sanchez, are the top security threats enterprises facing today? To help answer this he spoke to a panel of seasoned security professionals from around the world of commerce. Gail Coury, Senior Vice President and Chief Information Security Officer with security vendor F5 Networks, sees the challenge as multi-faceted: “At F5 we have moved so many of our applications out of our data centers,” she says. “One of our top goals is to be completely out of that business. If you look at how our workers do their work today, remotely from their home offices, they are very rarely getting on a VPN. But now we have an expanded attack surface, with some applications still in an on-premise data center, others protected by SASE, many in multiple clouds around the world helping us manage our employees and support our customers. We see threats to applications, threats to the end user, threats to the devices users are connecting from.” Attackers are busily adapting to the new defensive measures that everyone is putting in place, believes Jordan LaRose, Director of Consulting and Incident Response with security vendor F-Secure: “We have new technologies to stop classical attacks, like ransomware,” he says. “It's funny that I'm saying ransomware is classical, as it's only been around for a couple of years. But that's how quickly the industry is moving nowadays. I’d add that ransomware attackers are not just targeting computers anymore, they