The Importance of Consolidating your Infrastructure Security

Extremely secure

Cybersecurity

SUMMARY

1. Introduction2. Why Consolidate - The Drivers3. Knowledge is Power and Simplicity is your Friend4. Consolidating your Lot5. A Consolidated Future

2

Cybersecurity

1. INTRODUCTION

3

We are witnessing an onslaught of attacks coming in from highly organized cybercriminals.

the situation was recently described by U.S. Secretary of State, John Kerry as, « …pretty much the wild west… ».

If cybercrime is highly organized, then we, in turn, need to be highly organized to counter the threats.

The « wild west » needs to be well and truly controlled by consolidating our infrastructure security.

Cybersecurity

2. WHY CONSOLIDATE - THE DRIVERS

4

Many organizations have found themselves in a situation that has, over the years created an infrastructure security profile that is nebulous.

This is often the result of bringing in point solutions to deal with specific threats and building up a disconnected arsenal as issues evolve.

Like many areas across an enterprise, management of a multitude of approaches and tools can be onerous.

The result often ends up in a fire-fighting situation with inefficient use of resources; we end up with a reactive rather than proactive security

strategy.

Cybersecurity

2. WHY CONSOLIDATE - THE DRIVERS

5

The concept of pulling your resources together and understanding what you have at your disposal is, in general, a good thing to do, after all, knowledge is power in the fight against cyber security

threats.

However, external forces such as compliance and regulation are also driving the need to be more streamlined and efficient, making management of the compliance process a seamless and

less stressful operation.

There are a number of reasons why infrastructure security consolidation is a good idea.

Cybersecurity

3. KNOWLEDGE IS POWER AND SIMPLICITY IS YOUR FRIEND

6

Whilst going through this exercise, one watchword should be at the forefront of

everything you do, simplicity.

The acronym KISS that stands for « keep it simple, stupid », is one that can inform

correct choices.

In security, anything that is overly complex results in multiple points of failure, poor

uptake and human error.

The first step in consolidating your infrastructure security is to understand what you already have and where that falls short.

Cybersecurity

3. KNOWLEDGE IS POWER AND SIMPLICITY IS YOUR FRIEND

7

The security complexity is increasing, especially with game changers like Bring Your own Device (BYOD), and the highly disruptive Internet of Things (IoT).

The issue arises when older technology comes up against the new. This is where knowledge can create simplicity.

A key area that a knowledge-based approach can improve efficiency is to create a more cost effective security infrastructure.

The amounts spent on cyber security preventative measures are massive.

$101 billion*

is expected to be spent by enterprises on cyber security

in 2018.

*from Analyst firm Gartner

Cybersecurity

4. CONSOLIDATING YOUR LOT

8

Cyber threats are now more sophisticated and multi-faceted, as our technology emerges, so do the threats.

We find ourselves in a situation with our point solutions of having « too many cooks spoiling the broth ».

The administration and update of the products alone, is a management nightmare.

More point solutions means more points of failure - more areas that can allow a cyber threat to become a breach.

Cybersecurity

4. CONSOLIDATING YOUR LOT

9

Much anti-virus software, for example, cannot keep up with the new threat landscape. Definition updates can be way behind the threat curve.

Imperva looked at a number of AV software solutions and found that 75% of their definitions were out of

date by almost a month.

Cybersecurity

4. CONSOLIDATING YOUR LOT

10

Consolidation requires modernization and the time is now.

A modern approach is to use holistic technologies, capable of managing the highly distributed and diverse infrastructure of today’s enterprise.

Consolidation is something that can bring your extended network and Internet application resources together, rather than keeping them as separate entities as end point products do.

From the knowledge base you created at the outset of consolidation,you will understand the type of security tools that can impart

a more holistic approach to your security infrastructure.

Cybersecurity

4. CONSOLIDATING YOUR LOT

11

A good supporting architecture is the foundation of your infrastructure –

using a reverse proxy architecture can give you many security benefits,

including being able to more efficiently handle HTTPS traffic.

A Web Application Firewall (WAF) and especially the use of

smart web application protection, is a highly effective modern method of preventing attacks at the application

layer and into the extended web service layer.

Cybersecurity

4. CONSOLIDATING YOUR LOT

12

Another area ripe for consolidation is your authentication policies. Single Sign On (SSO) across enterprise and web applications is one way to cut down on resource greedy user account management issues.

Other authentication options such as the use of two-factor authentication should also be applied where needed and can be part of an SSO system.

Centralizing your security strategy, through

virtualization is another possible coping mechanism, which can reduce costs and

make security a more manageable asset.

Cybersecurity

4. CONSOLIDATING YOUR LOT

13

The best way to consolidate your security infrastructure is to see itas a process of change.

Taking your deep understanding of your enterprise extended architecture and data flows and applying a modern holistic approach, using new security 2.0. tools, to create a modern and strategic security infrastructure.

Cybersecurity

5. A CONSOLIDATED FUTURE

14

The modern enterprise is made up of fuzzy, ever extending layers. Our approach to securing our infrastructure needs to be one that can handle a very complex and often changing environment.

Flexibility and simplicity need to be at the heart of our approach to security infrastructure management.

With the extension of the enterprise touch points, into Cloud environments and with emerging disruptive technologies like the Internet of Things, we have to create a new paradigm of thinking when it comes to perfecting our security infrastructure.

Cybersecurity

5. A CONSOLIDATED FUTURE

15

Consolidation of what already exists within that infrastructure using security 2.0 thinking will allow us to build the type of robust enterprise that is prepared for the onslaught of threats that we see on a daily basis.

We need to prepare ourselves for both insider as well as outside threats, by using knowledge and applied intelligence; intelligence from our own personal experience as well as that of security 2.0 tools like those in the

smart web application protection camp.

We have to create enough flexibility in our infrastructure to cope with a threat landscape that changes, this requires creative security to build a

streamlined, robust and reliable infrastructure security model.

company/united-security-providers

companies/unitedsecurityprovidersag

https://www.united-security-providers.ch