By Brian Gleeson, Head of Infinity Product Marketing, at Check Point Software Technologies
I spoke to a good friend the other day, who until quite recently was a practicing chief security officer for a large company. For the sake of this article, I’m going to refer to him as Gustavo, which is not his real name. Anyway, Gustavo broke down his life as a CISO for me.
“As a CISO I need to constantly evaluate threats to my organisation, and the risks,” Gustavo said. “And I need to rationalise what I’m spending on security. But much of my time was spent meeting with security vendors. I shudder to think how many separate interactions I had each week meeting with vendors; understanding the features and functions of their solutions, how much training my team will require; how I will need to maintain the solution; and, finally, how I’m going to pay for it.”
Before too long, Gustavo said he had to take a step back and look at his security strategy, because what he was doing was neither optimal, nor scalable for his organisation. “I had to understand every vendor’s solution I used in my shop, how best to use it, and what else I can do with it,” he said. “I found that there was a great deal of overlap between different solutions. A vital part of building a security strategy for me was analysing my tools and how they function.”
Gustavo ultimately started consolidating security vendors and solutions, bringing down the number of vendors he worked with to a more manageable number. Gustavo’s situation is not unique.
As the world becomes more connected and networks continue to evolve, securing IT environments has become increasingly complex. To combat these attacks businesses deploy multiple point solutions, many of which focus on detecting and mitigating threats rather than preventing them before they breach enterprise networks. This reactive approach to cyber attacks is costly and ineffective, complicating security operations, and creating gaps in the security posture of an enterprise.
To better understand the current climate Check Point commissioned Dimensional Research in April 2020 to survey 400 global security leaders to capture hard data on their attitudes about the state of cyber security in their organisations.
Challenges facing the enterprise
Increased complexity: 92% of the cybersecurity professionals polled said that growing IT complexity makes security more challenging. Attack surfaces have expanded as organisations adopt public cloud computing, SaaS applications, enabling mobility, and supporting remote work as a result of COVID19.
The threat landscape: 91% of survey respondents said they see an increase in the sophistication of cyber attacks. Check Point researchers have also seen attackers use creative ransomware tactics and new types of cloud attacks.
There’s a global cybersecurity skills shortage: Security teams today are frequently understaffed and overwhelmed trying to meet dynamic business needs while protecting their organisations against attacks. According to Gartner, the current skills shortage will increase and it will become more difficult recruiting experienced security professionals.
Too many security solutions: 99% of the companies surveyed use solutions from multiple security vendors and agree that managing them is challenging and makes securing their organisation more complex. Most organisations don’t upgrade their security systems fast enough and use aged solutions that cannot defend against the current generation of attacks. Managing and integrating multiple solutions from different vendors takes time, resources, training, operation overhead, and increased budget – all things most security teams are in short supply of.
The five criteria for an effective cyber security architecture
Organisations need to adopt a holistic cyber security strategy that addresses today’s security challenges by eliminating complexities and inefficiencies, sealing security gaps, and protecting their organisations from both known and unknown threats.
A modern approach to today’s security challenges includes:
A consolidated architecture: By embracing a consolidated architecture that enhances security coordination and effectiveness, organisations will improve security and save budget used to integrate multiple, siloed solutions. A unified architecture will reduce operational overhead and more easily allow organisations to address many of the security challenges they face today.
Prevention technology: Adopting an active threat prevention approach enables organisations to block attacks before they can cause damage to their systems. With the increase in the sophistication of attacks, volume, and speed, relying on detection-only technology and human remediation can be disastrous.
Automation and planning: Security protections need to work at machine speed to stop malware that operates in milliseconds. Real-time automatic updates of all enforcement points is critical to protecting the sheer number of attack surfaces at most organisations. Automating processes creates efficiencies and improves security team effectiveness.
Visibility and control: For security teams to react in real time to prevent cyberattacks and minimise the damage to their organisation a single view of the entire environment is needed to improve visibility and control. A centrally managed security infrastructure eliminates visibility silos and helps improve defenses.
Agility and enablement: In today’s business environment waiting for a security team to secure a new app or cloud environment is not always acceptable. In many cases, DevOpps teams will release solutions without proper security rather than waiting. Security teams need to operate at the same speed and effectiveness as other parts of the organisation and serve as a business enabler.
A consolidated cyber security solution like Check Point Infinity, can provide organisation with a security strategy that deliver unprecedented protection against today's most sophisticated attacks across networks, cloud, endpoints, mobile and IoT devices. It enables organisations to solve security gaps, reduce risk, and maximise total cost of ownership.
Today’s IT security has grown complex and unmanageable, just as Gustavo discovered. With a new generation of cyberattacks spreading quickly across myriad attack vectors, a new approach to cyber security is needed that enhances business agility and protects all IT assets and the data stored within them.
It’s time for organisations to move to a consolidated architecture that will improve their security posture, security operations, and control costs. Check Point Infinity combines the industry’s broadest solution set with the most advanced threat prevention technologies available today.