Intelligent CISO Issue 24 | Page 67

decrypting myths How to manage network risk using fluid security With organisations utilising new technologies in the age of Digital Transformation, it is vital that the security surrounding innovation is up to standard. Amrit Williams, Vice President of Products at Skybox Security, tells us why fluid security practices are so important in developing a successful security programme and thus relieving pressure for CISOs. s organisations A forge ahead with their Digital Transformation initiatives, there is a growing burden being placed on their security teams. Their workload is only mounting as more businesses move towards cloud-first, or even cloudonly, infrastructure. As well as being expected to secure new services, these teams must simultaneously manage the security of the prevailing on-premise infrastructure and assets. The promise of cloud-only environments is appealing: when properly executed, it promises to eliminate network fragmentation. But there are a number of challenges associated with the implementation of each new service and device that are becoming increasingly difficult for the CISO and their team to navigate. The complexity inherent to managing cybersecurity is continually ramping up. This is certainly true for managing the security around both public and private clouds. Although these are services that are usually supported by a variety of cloud service providers (CSPs), they are also regularly misconfigured. While the cloud promises great benefits for the business, there is a long road to actually seeing them come into fruition. If the security surrounding innovation is not up to par, it could end up doing more harm than good. Using fluid security to secure innovation within complex hybrid networks For a majority of organisations, hybrid networks have become standard. This means security teams are required to manage a growing attack surface made up of on-premise IT, OT, cloud and thirdparty environments. This has created a stressful environment for CISOs who are tasked with preventing any mishaps. Never before has there been a greater need for a robust, focused and lasting risk management strategy. One such strategy focuses on developing ‘fluid security’ practices – this is a strategy www.intelligentciso.com | Issue 24 67