To minimise the ever-increasing financial impact of cyber attacks in multi-cloud environments, more organisations are looking to deploy a cyber security mesh architecture.
So said Gary Peel, cloud business development manager at Fortinet, speaking yesterday during the ITWeb Security Summit in Johannesburg.
Peel says while multi-cloud environments are “here to stay”, they increase the attack surface due to the fragmented parameter usually deployed by organisations.
A multi-cloud environment is one where an enterprise uses more than one cloud platform (with at least two or more public clouds) that each delivers a specific application or service. It can be comprised of public, private, and edge clouds to achieve the enterprise’s end goals.
According to market research firm Gartner, the rapid evolution and sophistication of cyber attacks and the migration of assets to the hybrid multi-cloud creates a perfect storm. It notes that IT leaders must integrate security tools into a co-operative ecosystem using a composable and scalable cyber security mesh architecture approach.
Quoting Gartner during his presentation, Peel said: “By 2024, organisations adopting a cyber security mesh architecture to integrate security tools to work as a collaborative ecosystem will reduce the financial impact of individual security incidents by an average of 90%.”
Peel believes mesh architecture will be critical as most organisations do not have adequate skills to protect their multi-cloud environments.
Citing a recent study conducted by Fortinet, Peel said lack of security skills is the top challenge in multi-cloud environments, followed by data protection, understanding how solutions fit together, as well as loss of visibility and control.
“We are seeing three major cyber security trends around cloud security,” said Peel. “First is a more sophisticated threat landscape with an accelerations of advanced threats. Two, the convergence of networking and security, which Fortinet refers to as security-driven networking; and three, the move towards consolidation of security vendors and solutions to reduce complexity and accelerate responsiveness to threats.”
He added that the attack surface is becoming more porous and perforated.
“Attacks are moving with much greater speed compared to one year ago, owing to offensive automation through API [application programming interface] execution of threats.”
Limitations of traditional networking
Peel also pointed out that traditional networking lacks awareness of content, applications, users, devices, location and more, making it difficult to protect distributed environments.
To respond to this issue, he said some organisations overlay security onto the network, but this leads to increased complexity, slower network performance and a reduced user experience.
“A security-driven networking approach converges networking and security into a single, accelerated solution. A specially-designed operating system and security processors work in concert to greatly improve network performance and security posture, while adding greater visibility and awareness. This results is a better user experience, reduced management complexity, and lower footprint and power consumption.”
According to Peel, cyber security has traditionally been deployed one solution at time in response to emerging threats or challenges.
He explained that while each new security solution – typically from a new vendor – provided gains in security, these solutions were not designed to integrate and communicate effectively with other solutions.
“This puts significant pressure on security teams that have to manage multiple vendor systems and solutions. Automation is difficult to achieve and complexity is increased in this case.
“A more effective approach is to consolidate point product vendors into a cyber security mesh platform, allowing for much tighter integration, increased automation, and a more rapid, co-ordinated, and effective response to threats across the network.”