{"id":16777,"date":"2023-01-31T16:32:37","date_gmt":"2023-01-31T15:32:37","guid":{"rendered":"https:\/\/www.show.it\/how-the-atomized-network-changed-enterprise-protection\/"},"modified":"2023-01-31T16:32:37","modified_gmt":"2023-01-31T15:32:37","slug":"how-the-atomized-network-changed-enterprise-protection","status":"publish","type":"post","link":"https:\/\/www.show.it\/en\/how-the-atomized-network-changed-enterprise-protection\/","title":{"rendered":"How the Atomized Network Changed Enterprise Protection"},"content":{"rendered":"<p>Cyberattacks rose at a rate of <a href=\"https:\/\/www.globenewswire.com\/en\/news-release\/2022\/08\/03\/2491085\/0\/en\/Check-Point-Software-s-Mid-Year-Security-Report-Reveals-42-Global-Increase-in-Cyber-Attacks-with-Ransomware-the-Number-One-Threat.html\" target=\"_blank\" rel=\"noreferrer noopener\">42%<\/a> in the first half of 2022 and the average cost of a data breach has hit a <a href=\"https:\/\/www.securityweek.com\/ibm-security-cost-data-breach-hitting-all-time-highs\/\">record high of $4.35 million<\/a> with costs in the U.S. peaking at $9.44 million. Unfortunately, this shouldn\u2019t come as a surprise. Enterprise networks have changed dramatically, particularly over the last few years, and yet we continue to try to defend them with the same conventional approaches. As an industry, we\u2019ve hit an inflection point. It\u2019s time to fundamentally rethink the problem set and our approach to solving it.<\/p>\n<p><strong>Networks are dispersed, ephemeral, encrypted, and diverse<\/strong><br \/>Our networks have become <strong>atomized<\/strong> which, for starters, means they\u2019re highly dispersed. Not just in terms of the infrastructure \u2013 legacy, on-premises, hybrid, multi-cloud, and edge. The capabilities, the nomenclature, and the available data for each type of infrastructure are also dispersed.<\/p>\n<p>The cloud has changed the game quite a bit, making today\u2019s networks very ephemeral. 
Everybody is remote and IP addresses come and go. We\u2019re no longer just talking about dynamic host configuration protocol (DHCP). In the cloud, every time we reboot a cloud instance that instance can get a new IP address. Conventions like Canonical Name (CNAME) do that mapping behind the scenes for us. However, it\u2019s incredibly difficult to stay on top of what we have, what it\u2019s doing, and what\u2019s happening to it, when what something is today may not necessarily be what it was yesterday, and teams have limited visibility and understanding of these changes.<\/p>\n<p>Compliance is adding a lot of complexity to security as practices like encryption come into play. When we talk about protecting sensitive data, we\u2019re talking about encrypting potentially all connections and endpoints and, depending on our infrastructure, managing thousands of certificates. So, atomized networks are also encrypted which is not only difficult to manage but introduces more costs and concerns. Additional capabilities for decrypting are required. And the more we decrypt, the more likely sensitive data is at risk. So, we need to try to minimize decryption as much as possible without sacrificing network visibility and control.<\/p>\n<p>Finally, atomized networks are extremely diverse. The temptation with security teams has always been to add a tool that is very specific to the environment that we are watching \u2013 tools for the network, for devices, for the web, for email. This was manageable when we were talking about one corporate network or even a handful of networks. But with the addition of new cloud environments, operational technology (OT) environments, and work from home models, we\u2019ve hit an inflection point where the number of tools that are supposed to make us more secure and make security teams\u2019 lives easier actually do neither. 
Security operations center (SOC), cloud operations, and network teams can only watch and do so many things, so we end up with bloat. In fact, <a href=\"https:\/\/www.ibm.com\/resources\/guides\/cyber-resilient-organization-study\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">nearly 60% of organizations<\/a> surveyed say they deploy more than 30 tools and technologies for security and yet incident volume and severity keep rising.<\/p>\n<p class=\"has-medium-font-size\"><strong>Fragmentation and gaps are rampant<\/strong><\/p>\n<p>We try to get diverse teams and tools to work together by creating yet other sets of tools, like SIEMs and SOAR platforms that are meant to try to aggregate data and automate analysis and actions. But those tools have their own sets of challenges and require that we add more tools and technologies to our security stack in order to maintain protections.<\/p>\n<p>Security has become so complex that organizations can\u2019t possibly hire enough people with the right skills to do everything required to secure their atomized network. What\u2019s more, every tool in the growing security stack serves its own purpose and every team has their own area of focus, with not enough overlap between them. Users move between multiple panes of glass and multiple environments, using tools with different capabilities, which inevitably leaves gaps that are unwatched or not effectively watched. Attackers live in those gaps. 
No wonder organizations say the <a href=\"https:\/\/www.ibm.com\/resources\/guides\/cyber-resilient-organization-study\/\">top three reasons why cyber resilience hasn\u2019t improved<\/a> are the inability to reduce silos and turf issues, fragmented IT and security infrastructure, and lack of visibility into all applications and data assets.<\/p>\n<p class=\"has-medium-font-size\"><strong>Rethinking and simplifying enterprise protection<\/strong><\/p>\n<p>The challenge with letting go of old technologies and methods is that humans are naturally resistant to change because it\u2019s disruptive. New expertise, new processes, and new escalation procedures are needed. However, network atomization is even more disruptive, and the time has come to cast aside aging security approaches. Securing atomized networks requires a fundamental rethink. Not a \u201cbolt-on\u201d, tacking on a new capability to a legacy toolset and hoping it integrates and solves our problem. It doesn\u2019t solve the problem. It makes it worse.<\/p>\n<p>When we are no longer tied to how things used to be, then we can rearchitect the problem from scratch for the way things are today and how they will evolve. 
We can get to where we need to be \u2013 a common tool set, with a common language, and a common set of capabilities that can deal with the dispersed and ephemeral nature of today\u2019s networks, doesn\u2019t have to decrypt, and can actually help security teams work more efficiently and effectively.<\/p>\n<p>In my next column, I\u2019ll take a closer look at the gaps network atomization and conventional tools are creating, and how to close them.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.securityweek.com\/how-the-atomized-network-changed-enterprise-protection\/\">How the Atomized Network Changed Enterprise Protection<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.securityweek.com\/\">SecurityWeek<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cyberattacks rose at a rate of 42% in the first half of 2022 and the average cost of a data breach has hit a record high of $4.35 million with costs in the U.S. peaking at $9.44 million. Unfortunately, this shouldn\u2019t come as a surprise. 
Enterprise networks have changed dramatically, particularly over the last few [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":16778,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[34,139,140],"tags":[],"class_list":["post-16777","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-network-security","category-siem","category-soar"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/posts\/16777","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/comments?post=16777"}],"version-history":[{"count":0,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/posts\/16777\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/media\/16778"}],"wp:attachment":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/media?parent=16777"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/categories?post=16777"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/tags?post=16777"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}