In “Borderless Behavior Analytics – Who’s Inside? What’re They Doing?”, Uber’s CSO Joe Sullivan observes: “Most of the existing security defenses have been built to protect an enterprise architecture that no longer exists.” With hybrid environments at 77%, and 95% for organizations using some sort of cloud solution [1], this is a major factor in this development. Meanwhile, Monsanto’s Gary Harbison notes in his chapter that: “As companies migrate platforms to the cloud, the key for security teams is to understand they still need the same capabilities, controls, visibility and protection as on-premises.”
That’s easier said than done. Carnival Corporation’s CISO Gary Eppinger shares this strategic approach in the book: “…we maintain the strategy of continuous development and improvement, not adopt some monolithic solution that might be outdated as soon as it is implemented.” All of our expert contributors talk about an essential re-tooling of thinking that is required for success in security strategy evolution. Eppinger’s callout of “continuous development and improvement” is a critical point to keep in mind.
Legacy environments were, in a way, built like medieval castles, with a protective moat. Their monolithic construction followed an approach that mirrors a technology development methodology that was popular some years ago, the traditional Waterfall model.
This methodology is still reflected in the thinking of a number of security leaders. It has the appearance of being “tried and true”. But success is defined by how well individuals adapt to change. And in security for emerging borderless hybrid environments, change is here whether we want it or not. One adaptation to this challenge that some security leaders, like Eppinger, are embracing is to implement solutions in iterative phases, build on each phase, and continually improve the result. In essence, that’s the core of the Agile with DevOps development model.
Take an additive approach with flexibility for improving security processes and adding new solutions. CISOs need to consider how a new security solution fits today and three years from now, and whether it has the flexibility to provide value in five years. Analytics are also driving more focus on use cases that leverage specific data requirements to achieve desired results with iterative work cadences and empirical feedback.
Rip and replace strategies for large security platforms and architecture are time-consuming and expensive, and they reduce your ability to move at customer speed to enable the business. Saying ‘no’ to new projects is common when you are new in security leadership, as you understand the risks primarily from a technical perspective. However, what is the cost to the overall business of not taking the risk?
Learn from peers about the importance of how you adopt security solutions in “Borderless Behavior Analytics – Who’s Inside? What’re They Doing?” With an additive approach to security solutions, try to avoid saying ‘no’.