Intelligent CISO Issue 50 - Page 33


Leading a successful security transformation with Security Service Edge ( SSE )

In this interview with Intelligent CISO ’ s Jess Abell , Neil Thacker , EMEA and LATAM CISO for Netskope , highlights why traditional network security architecture is no longer fit for purpose , as well as why organisations should consider adopting a Security Service Edge ( SSE ) approach .
Jess Abell

wWhy is the traditional network security architecture not fit for purpose in the cloud era ?

In this cloud era , most organisations ’ workforces are more dispersed than ever , as well as the applications they ’ re using and , of course , the data . The apps and data we use are no longer on an asset or server that we own within our data centre .
The challenge for most organisations is that connecting employees through a corporate network and back out to the cloud continually shows a diminishing return – and adds a level of risk while increasing friction and complexity .
We ’ ve seen organisations look to move their network and security controls to the Edge – a virtual interconnectivity platform between a device and the services that are being consumed , with the goal to provide quick and efficient access to services wherever an employee is .
Organisations that are having to steer employees back through a data centre , multiple silos or products to apply security or network controls are thinking about their existing network and security architecture not being fit for the cloud era .
How have attacker techniques evolved to the cloud ?
Identifying misconfigurations in cloud is one of the top threats security teams face . Attackers know that if they can compromise a misconfigured cloud instance , they can not only access data but also use the cloud as a proxy for further access into the organisation . If you gain access to one cloud application or piece of infrastructure and you can get access to APIs , those keys may allow the attacker to move across multiple cloud environments .
Another aspect is phishing , which is still common . We ’ ve seen attackers are moving to host their phishing pages on known and well trusted cloud applications .
Another threat vector organisations need to consider is malware delivery . Traditionally , malware will be delivered through the web channel as a link or in a phishing email . Attackers have become very smart , knowing they can use cloud applications to deliver malware . This is an issue because
Neil Thacker , EMEA and LATAM CISO for Netskope many organisations have put those applications and trusted apps into an ‘ allowed ’ list which circumnavigates standard security policies .
As an example , in our most recent Netskope Cloud Threat Report , OneDrive was responsible for delivering 33 % of malware to organisations . Other similar cloud applications are also used as vectors to deliver malware into organisations .
Why is the growing patchwork of vendors required in a perimeter-based security approach a source of frustration ?
We have this term ‘ console fatigue ’ – when you ’ re jumping between multiple consoles or user interfaces in a day , sometimes in the same hour . That causes fatigue and the challenge is , of course , each console has some underlying technology which requires updates .
The problem we ’ re seeing is that this approach typically fails because of the complexity . The requirement to manage all these consoles adds risk to the organisation too .
What are the key requirements to the business when it comes to security products ?
1 . Mitigating a business risk and improving the security posture of the organisation , ensuring it meets a specific requirement www . intelligentciso . com