The Hackers – Time Magazine person of the year runner-up, and what it means for the rest of us
This last week, Time announced its person of the year, and as expected, President-elect Donald Trump got the nod. More interesting was the selection of Hackers as number three. In fact, cybersecurity also touches Donald Trump, the person of the year, and Secretary Hillary Clinton, the runner-up, both knee-deep in the conversation and controversy: Trump with his ties to Putin and attacks against the DNC, and Hillary with her private email server. 2016 also saw terms such as ransomware and IoT botnets enter water-cooler conversation, and the credit card hacks of the past were eclipsed by an order of magnitude when Yahoo admitted the breach of over 500 million email accounts. Even the Internet was not immune, with a denial of service attack in October cutting off connectivity to many well-known web properties.
Where there is money to be made or chaos to be created, external threats to the enterprise, both on-premises and cloud, won’t go away. So, what’s a CISO to do? A lot of coverage focuses on perimeter security, and for good reason. It is the most visible, and it is sometimes easier to budget for something you can rack and stack. But ‘inside the perimeter’ security is just as important; it is the soft underbelly of many enterprises, where mistakes are made and where user awareness is incomplete. The same goes for the cloud, the new virtual perimeter, where new east-west data patterns and technologies like virtualization and containers make visibility that much more difficult but at the same time imperative.
Elastic and continuous infrastructure security is therefore critical. It spans servers, networking hardware, endpoints, and storage, extending from the operating system to the application, and supporting both physical and virtual deployments. The tools now exist to enable this. They need only be deployed as a closed loop of discovery, scanning, assessment, and remediation.
Elastic means that the security fabric expands and contracts dynamically as workloads come and go. But elastic also applies to policies, where, through discovery, the proper benchmarks and standards are mapped to the proper servers. And continuous implies that the physical and virtual fabric of the enterprise must be tested in real time against security benchmarks such as CIS and DISA. Given the pace of change in the cloud, a single misconfigured VM or container is all a hacker needs. Here, it is critical to monitor the ‘drift’ of any system against a known baseline.
Ultimately, with infrastructure security automated, the CISO is now proactive rather than reactive, and has time to plan for and hopefully prevent the more sophisticated but inevitable attacks. You know, the ones you read about in the press.