decrypting myths
If the security
surrounding
innovation is not up
to par, it could end
up doing more harm
than good.
that is popular with some of the world’s
largest and most complex businesses.
Fluid security places a heavy focus
on developing a unified, agnostic and
continuous security programme. This
involves establishing processes that
control the security of the network
environment until it is no longer required
while guaranteeing that the varied
security environment doesn’t include
any redundancy – whether that be in
technology, employees or processes.
When properly applied, security teams
are able to support changing enterprise
needs at the drop of a hat with negligible
impact on the rest of the business.
Prioritise data equality
In terms of security, being data agnostic
means that, regardless of the source,
data must be stored in a central hub
and like-data must be normalised
and amalgamated, irrespective of
environment type, vendors, etc. Data
should be integrated into clean datasets,
eradicating duplicates, to facilitate more
effective analysis. These data handling
processes need to be the first steps
taken to guarantee the successful
simplification and centralisation of a
complex, fragmented environment.
Once the data is centralised, the next
step in reducing the complexity of that
data is to find a way to model it. By
creating an always up-to-date model of
hybrid network infrastructure, security
controls, assets, vulnerabilities and
threats, new possibilities of insight into
the interrelationships of a network can
be revealed. Modelling can help an array
of security management processes,
unifying teams with a comprehensive
overview of a business’ attack surface.
Eradicating
disconnected processes
Having disconnected processes in a
hybrid environment is a common pitfall,
primarily because individual teams are
made to take responsibility for separate
areas of the network. In a growing
number of workplaces, the problem of
operational siloes goes beyond security
and operations teams and is also an
issue for DevOps/DevSecOps teams.
While each team has their own specific
task, the procedures that make up their
everyday role must point towards a
single aim. Taking DevSecOps as an
example, they may have processes for
‘security in code’, but any updates to
new or prevailing systems could have
consequences for compliance status.
Owing to this, they will need to be
constantly observed in case their risk
status changes.
In this instance, having full visibility of
cloud networks is vital. It’s only with a
comprehensive understanding of the
environment that security teams are able
to identify and analyse vulnerabilities
within services and containers. In
addition, when considering policy
68 Issue 24 | www.intelligentciso.com