Most enterprises, if not all, are operating today as an unbound enterprise. Against the backdrop of the post-COVID era, the new reality is nearly everyone is working remotely and companies are continuing to migrate key data, services and apps to the cloud. Out of necessity, many enterprises have moved up their timetables for digital transformation. Consequently, their cybersecurity teams find themselves having to adapt just as quickly.
The New Reality: Moving “Left of Breach”
One organization that is moving fast is Takeda Pharmaceuticals. Mike Towers, CISO of Takeda, joined me recently for a fireside chat about how securing the Unbound Enterprise requires a more proactive approach to protecting users and data. When Mike and I both started our careers in security, it was common for cybersecurity organizations to react to the latest threat or breach by taking a forensics approach, like CSI, after an incident already occurred and trying to piece it all together.
However, solving pre-COVID security problems isn’t effective today. In this ‘new normal’ that’s here to stay, security leaders are embracing a new way forward. They are collecting more telemetry on user activity and intersection with data than they ever have before. An empirical yet ethical focus on the behavior of users will allow security to shift left of breach and proactively address cyber risks before they result in major issues.
During our discussion, Mike and I delved into a number of critical themes relative to addressing cybersecurity today. Below are additional insights from the conversation.
1. How Unbound Enterprises are operating today: organizations are going through a significant transformation. For large enterprises that have tens of thousands of employees in dozens of countries, moving to the cloud is not a choice. It’s a mandate. Security teams need to recognize data will move from on-premises, private infrastructure to multiple public clouds and SaaS providers.
2. Align security with Zero Trust, converged cloud platforms: With the dizzying array of devices, systems and applications that employees are touching, security has to assume that nothing is safe and nothing should be trusted. SASE has been gaining momentum the last year as an architecture for bringing security that used to be delivered via a patchwork of 40+ point products together into a converged, cloud-delivered platform. And when you put SASE and Zero Trust together you get the best of both worlds: a cloud-based architecture for more efficiently and more securely protecting people and data no matter where they are.
Speaking of Zero Trust, here’s Mike’s thoughts on why it will be a requirement for organanizations:
3. Moving organizations to left of breach or left of loss: Continuous authentication and monitoring can paint a picture of user behavior that becomes a baseline for detecting anomalous activity. Collecting data allows security teams to make proactive decisions to get in front of or left of breach. How does behavioral risk analytics reduce false positives and streamline security response?
4. Best practices for continuous monitoring: What are the ethical guardrails and guiding principles for monitoring user activities? From one country to another, adhering to best practices for communication, governance, and preserving privacy are keys to effectively protecting your organization, people and data.
5. Personalizing data protection: Insiders leveraging their access to do harm or other inappropriate activity are among the biggest threats to the Unbound Enterprise. From bad performance reviews to layoff notices, the context behind the activity is often the clearest signal to data loss. Why are indicators of behavior the engine for risk calculations? How can security teams dynamically apply policies that personalize security to the individual?
It’s clear to us that the traditional concepts of infrastructure-based security no longer apply. Getting to the unbound enterprise requires security practitioners to embrace the idea that users and data are the new perimeter, and that behavioral risk is the signal we should move toward.