The cybersecurity needs of the borderless enterprise
- 27 November, 2012 14:05
A borderless nation would be extremely difficult to defend, to the point of rendering the idea unthinkable. The same can be said about borderless enterprises, except in that case the idea isn't unthinkable. In fact, borderless enterprises are becoming the rule, not the exception.
In a borderless enterprise, the traditional security perimeter no longer exists. Organizations are now faced with the task of securing highly virtualized IT environments that embrace cloud, mobile and social computing and server virtualization. At the same time, the emerging trend of software-defined networks (SDN) means that computing networks, like applications and infrastructure, are becoming ever more virtualized.
These dispersed and virtualized IT environments must defend against a rising tide of increasingly sophisticated attacks, with greater costs hitting those that fall victim. According to a recent study from the Ponemon Institute, the annual cost to remediate a data breach for the average U.S. organization was $8.9 million during the past year, up 6% from 2011. The rise in sophistication was demonstrated by this fall's wave of distributed denial-of-service attacks against many large financial institutions.
The upshot of these trends is that if cybersecurity is going to effectively protect and partition data and applications across all these virtual pathways, it will need to be embedded in the enterprise architecture.
In fact, borderless enterprises need a new cybersecurity framework and a corresponding cybersecurity architecture that can serve as a guide to implementing cybersecurity strategy and policies in a manner that ensures a consistent, well-integrated and cost-effective approach.
The main goal of the cybersecurity framework is to categorize the areas that should be secured. The framework outlined in the accompanying diagram addresses five logical domains -- users, data, applications, infrastructure and assets -- together with horizontal functions such as governance, risk and compliance; situational awareness; and security operations. Such a framework can help you migrate from tactical, point solutions to a more coordinated set of tools and techniques -- a system of systems approach that looks at the big picture. Actual frameworks will vary, depending upon an organization's industry and the countries in which it conducts business.
Logical framework for cybersecurity
Once you have outlined your cybersecurity framework, it can serve as the reference for developing the accompanying architecture. The framework tells you what needs to be protected; the architecture defines the implementation of that protection in ways that are technically feasible and adhere to standards and compliance requirements. It needs to address broad questions, such as how to establish trusted identities, how to secure sensitive data, how to secure enterprise applications, how to secure cloud computing and mobile computing infrastructures, and how to secure the cyber supply chain itself, including all the people, processes and technology involved in conducting business in cyberspace.
Implementing this new cybersecurity framework and architecture will require new thinking, new tools and new approaches for securing users, applications and data. It will likely be a hybrid of techniques such as "security by design" and "security by obscurity" -- all contributing to a layered, defense-in-depth approach. Perhaps your organization will elect to digitally hide its applications and data so they are "invisible" to everyone except trusted users. That decision will lead you to look at new tools and techniques for cloaking data, so that only trusted communities of interest can gain visibility and access -- whether that's on the traditional internal network or beyond to external cloud and mobile environments.
Or perhaps your enterprise will opt for advanced techniques for establishing and maintaining trusted identities in cyberspace. In that case, you will probably look into federated identity management in complex hybrid cloud environments, context-aware authentication (particularly useful in business scenarios related to mobile and social computing) and next-generation, biometrics-based authentication systems in mission-critical applications.
But it is the cybersecurity framework and architecture that will help you see what is needed in this highly distributed and virtualized environment before you move on to what is possible.
Nicholas D. Evans leads the Strategic Innovation Program for Unisys and was one of Computerworld's Premier 100 IT Leaders for 2009. He can be reached at firstname.lastname@example.org.
Read more about management in Computerworld's Management Topic Center.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Why change management doesn’t work
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Russian Underground 101
This research paper intends to provide a brief summary of the cybercriminal underground and shed light on the basic types of hacker activity in Russia. It discusses fundamental concepts that Russian hackers follow and the information they share with their peers. It also examines prices charged for various types of services, along with how prevalent the given services are in advertisements. The primary features of each type of activity and examples of associated service offerings are discussed as well. Read this paper.
Choice and Control – Considerations for Developing Enterprise Cloud Strategies
Enterprise-wide cloud implementation can be a challenging process, requiring a thoughtful, strategic approach. In this whitepaper, IBM® shares considerations for developing enterprise cloud strategies. It looks into how the rapid-scale enterprise-class environment can help enable the type of agile infrastructure that aids organisations in quickly meeting the demands of an ever-evolving marketplace, thereby providing true business value. Read now.
Tolly Report: Performance Survey of Virtual Environment Security
This report by Tolly tests the system resource requirements of competing vendor solutions when performing on-demand and on-access scanning functions, during distributed definition updates. Click to download how the four competing options ranked against each other.