Enterprise IT departments are in a precarious position, as they are:
- Urged to support a growing number and variety of user devices.
- Seeing sensitive data and applications being pushed beyond their firewalls as business teams adopt cloud services.
- Tasked with protecting it all, even though they often have limited visibility and control of those devices, applications, and services.
The situation can be a nightmare for today’s CIO and a playground for modern hacker groups that are more organized and better funded than ever before.
“IT departments used to have full control of their company’s devices, applications, and data, and they were the gatekeepers at the perimeter of the network,” says David Goeckeler, the newly appointed senior vice president of the Cisco Security Business Group. “But that perimeter has gone away.”
Focusing on the “attack continuum”
According to Goeckeler, security breaches have become unavoidable. As a result, IT organizations can no longer focus solely on keeping nefarious individuals and software out. Rather, they must focus on the entire “attack continuum,” with a security posture that addresses all three phases of a breach: before, during, and after.
“Security needs to be pervasive, it needs to be integrated, and it needs to be tied to the infrastructure,” says Goeckeler.
Cisco has a three-pronged security strategy, he explains.
- The first pillar is centered on threat visibility, at both a local level (what is happening on a company’s network) and global level (what is happening around the world). The latter represents billions of email, web, firewall, and endpoint packets that are collected and analyzed every minute of every day, and millions of malware discoveries.
- With better visibility comes better detection and response, which is the second pillar of the strategy. Threat intelligence is continually pushed down into Cisco security products, policies, and services to improve their effectiveness. And recent acquisitions of Sourcefire, ThreatGRID, and OpenDNS have bolstered an already stout portfolio of security solutions and services.
- The third pillar is a culmination of the first two, focusing on the development of security platforms that are increasingly integrated, coordinated, and pervasive across a company’s IT resources—including data centers, cloud environments, branch offices, and endpoints.
“We want to drive security consolidation and integration throughout our entire portfolio of solutions and services, and those of our partners,” says Goeckeler. “Our evolving security platform is a software layer that delivers a consistent architecture and can span many environments. Security should be everywhere.”
Cloud as enabler
While the cloud presents notable security challenges, it is also an enabler for the Cisco “security everywhere” vision. According to Goeckeler, the cloud provides a new and broad vantage point from which global threat intelligence can be culled. And it can provide the tentacles that extend security visibility and policies across a number of environments, networks, and devices.
“Point solutions are no longer enough,” Goeckeler claims. “Companies must be thinking and making decisions at a higher level. They need to take an architectural approach to security, not the other way around.”
More than ever, companies have an opportunity to embed security capabilities wherever their data and applications reside. And it can all be tied together by cloud-based intelligence.