CISOs Face New Challenges in Hybrid Security







As of 2023, almost 13% of full-time employees work from home, with over 28% working a hybrid model. Organizations are no longer relegated to centralized datacenters, but most aren’t fully remote or in the cloud: their data and operations increasingly follow a hybrid model. This shift is driven by distributed teams, including branch offices, work from home, and roaming work, as well as the benefits of scalability and flexibility offered by the cloud.
At the same time, in 2023 India received 2138 weekly attacks per organisation, a 15% surge since 2022. According to Check Point’s Cloud Security Report, there is a critical surge in cloud security incidents, marking a significant increase from 24% in 2023 to 61% in 2024 (a 154% increase), highlighting the escalating complexity and frequency of cloud threats.
Adopting a hybrid environment is unavoidable, and Gartner anticipates that “By 2025, over 50% of network firewall deployments will involve more than two deployment factors from the same vendor — up from less than 10% in 2023.” 1 While the benefits of this new ecosystem are vast, it increases the complexity of security and management.
As CISOs contend with balancing security with business needs, they must grapple with strengthening cyber resiliency across all infrastructure while managing multiple firewall types. They are thus faced with a new set of operational challenges that must guide their choices when designing a hybrid security framework and maintaining an acceptable security posture.
The best-of-breed approach of point solutions is often operationally unsustainable, prompting enterprises to choose a Hybrid Mesh Firewall platform.
What is a Hybrid Mesh Firewall platform?
According to the inaugural 2024 Gartner® Market Guide for Hybrid Mesh Firewall Platforms, “A hybrid mesh firewall (HMF) platform is a multi-deployment firewall including hardware and virtual appliance, cloud-based, and as-a-service models with a unified cloud-based management plane. It is built to support hybrid environments and evolving use cases by offering mature continuous integration/continuous delivery (CI/CD) pipeline integration, native cloud integration, and advanced threat prevention capabilities extending to Internet of Things (IoT) devices and DNS-based attacks.”
At its most basic, an HMF platform offers multiple firewall form factors, centralized management, and integration with third-party tools such as identity providers and CI/CD pipelines, among others, to mitigate the complexity of using multiple point solutions from several “best-of-breed” vendors. A fragmented “best-of-breed” approach results in an unwieldy arsenal of tools that leads to management complexity, high maintenance overhead, siloed visibility, inconsistent policy enforcement, procurement fatigue and varying levels of security effectiveness across the IT infrastructure.
To ensure their organization’s security and business needs are met, CISOs must evaluate potential Hybrid Mesh Firewall platforms against several core challenges and the capabilities that can address them.

The Main Challenges of a Hybrid IT Environment
While there seem to be an endless number of difficulties in securing and managing a distributed ecosystem, the main pains CISOs face can be boiled down to four, as follows.
#1 - Increased risk of breaches across multiple environments
Each working environment requires individualized enforcement points, increasing the risk of cyber vulnerabilities and breaches. This requires the deployment of several different kinds of firewalls, including on-premises, virtual, cloud native and firewall-as-a-Service.
This sort of multi-firewall ecosystem needs to integrate with diverse systems and controls, including IoT (Internet of Things) devices, Cloud Security Posture Management (CSPM) and SD-WAN. Security teams often don’t have the manpower or bandwidth to learn the details of multiple tools from different vendors, resulting in security gaps and a weakened risk posture.
Solution: Achieving consistent threat prevention and zero trust
These issues can be addressed by a consolidated architecture that offers essential threat prevention capabilities:
- AI-powered: An HMF infused with AI/ML capabilities can identify zero-day malware and phishing by relying on big data and threat analysis rather than existing indicators of compromise (IoCs).
- Global propagation of threat intelligence: Advanced platforms can share intelligence of zero-day threats across all enforcement points globally in seconds, including to cloud firewalls, firewall-as-a-service (FWaaS), endpoints and mobile security.
- Virtual patching against the latest vulnerabilities: A platform with an advanced intrusion prevention system (IPS) works to virtually patch against the latest vulnerabilities (CVEs), keeping your systems, servers and applications secure even if your IT department has not had time to patch these individually.
- Other advanced capabilities: Recursive DNS security and advanced endpoint solutions are needed to block and contain threats for process-level protection.
- Support for zero trust initiatives: To support zero trust initiatives across your IT environments, HMFs should offer granular policy enforcement using attributes such as user, machine, device identities, data sensitivity, target application, and risk.
#2 - Compliance complexity
By default, the hybrid IT environment is indicative of silos of multiple technologies and teams. The disparate ownership over different security tools and security operations can cause a compliance nightmare for CISOs.
When organizations secure their attack surface using multiple best-of-breed solutions, the result is a Swiss cheese-type infrastructure riddled with blind spots. It becomes extremely challenging to maintain compliance consistently while managing multiple products and their unique policies.
Solution: Unifying visibility and forensics
A Hybrid Mesh Firewall platform can ease the need for multiple vendors, but there still needs to be cohesion between teams and environments. Look for specific features that enable unified visibility and incident response, such as:
- Unified console: A single-pane-of-glass dashboard can break down silos and foster collaboration between teams, enabling streamlined logging and unified event management across firewalls.
- Consolidated visibility and logging: What if you could see all the logs and events in your environment in one place, across clouds, remote users and office networks? Since visibility is key to passing audits, demonstrating compliance, and carrying out forensic investigations, this kind of consolidation can save hours if not days.
#3 - High administration and operations overhead
The lack of cohesion among point solutions forces administrators to move between multiple consoles to create and update policies and keep security controls up to date. This forces IT staff to spend time and resources learning new features and dashboards and increases the risk of security breaches.
Solution: Consolidating and automating management
A consolidated solution is needed to eliminate silos and centralize management for increased visibility and efficiency. Look for:
- A cloud-delivered management system: A cloud-delivered platform enables teams to run with the latest security engines, features and controls with continuous, non-disruptive updates.
- Agility to transition and manage workloads: HMFs should give you the freedom and agility to manage workloads in any hybrid environment, with security serving as an enabler rather than an inhibitor across hybrid networks, workforces, and clouds. Key to this capability is automated policy enforcement per workload type.
- Robust cloud support through integrations with cloud service providers: By integrating with cloud service providers, the HMF tracks changes and dynamically adjusts policy enforcement to enable set-and-forget cloud security administration.
- Integration with enterprise security controls and architecture: When evaluating platforms, prioritize a vendor with built-in support or API-based integration with third parties to limit manual administration by your team.
- Centralized incident response: A hybrid mesh firewall that delivers unified monitoring and alerting can facilitate extended detection and response (XDR) and managed detection and response (MDR) operations for proprietary and third-party security solutions.
- AI assistants: Generative AI assistants can reduce the time required to perform common tasks by up to 90%, enabling admins to quickly update policies, resolve tickets, and verify protections.
#4 - Procurement and budget limitations
Budgets are always a top concern, and with multiple enforcement types and different pricing models, securing a hybrid environment can be costly and unpredictable. A best-of-breed approach can add to the pricing and procurement complexity of multiple vendors.
Solution: Ensuring licensing flexibility to use any enforcement point
Using a Hybrid Mesh Firewall with an agile, predictable pricing model to accommodate evolving security needs allows organizations to respond to changing needs without requiring new licenses, purchasing approvals or vendor renegotiation. For example, a single per annum per user pricing structure that includes ALL subscriptions, hardware, software and support provides the flexibility to change enforcement points during the year as your IT needs change. While you may start the year with 30% of your firewalls in the cloud, 50% on-prem and 10% as FWaaS, you may want to transition to 50% cloud firewalls, 20% on-prem and 30% FWaaS. A flexible pricing model will let you make that type of transition without any change to your current vendor agreement.
Ready to Learn More?
Check Point Software Technologies is proud to have been recognized by Gartner® as a Representative Vendor for Hybrid Mesh Firewall Platforms. To download the report, click here.
The Check Point Infinity Platform is a cloud-delivered, AI-powered platform that sets a new standard in enterprise cyber security strategy, delivering a Hybrid Mesh Firewall that lets you meet the needs of tomorrow with confidence.
To learn more, download the solution brief or log in to the platform and start your test drive today! You can find even more resources here: https://checkpoint.com/solutions/hybrid-mesh-firewall/