By Edwin Doyle, Global Cyber Security Strategist, Check Point Software
The technology stack is no longer a neat and organized stack! Cloud, endpoints, network and IoT have dispersed the stack into a mess – or what the industry is calling a “Mesh.”
DevSecOps doesn’t do stacks
This massive shift away from the traditional stack, including the folks in DevSecOps, means that more groups of people, including those outside the department of the CISO, are adopting a new approach to security which Gartner has labeled Cyber Security Mesh Architecture.
Neil Hopper, the Chief Information Security Officer and board member at ISACA, details it like this, “The increase in remote access to on premise data centers and cloud resources is driving the need for a flexible, compostable architecture that integrates widely distributed and disparate security services. The goal is to move parameters encapsulating data centers to also creating perimeters around identities and objects that are not on premise or on the same network – specifically, users accessing objects from anywhere, anytime and with a variety of device form factors. It also enables organizations to bring cloud services into the zero trust architecture and employee adaptive access control with more granular analysis of both subjects and objects.”
Vendor consolidation provides the best Mesh
Some vendors have understood this for quite some time and have encouraged a consolidated approach. It is said that there is nothing new under the sun… Remember back to the UTM days! The ever promised single pane of glass (which never quite happens, but less than six panes of glass is entirely possible) provides this visibility into all of these disparate technologies and, most importantly, provides an overarching policy threaded throughout every technology in the organization.
The trick is to host a global wide policy, but to allow individual site offices and/or responsibilities of departments to engage their own subsequent policy under the hierarchy of the global corporate agreement.
Mesh saves money
Gartner has predicted that Cyber Security Mesh Architecture will help reduce the financial impact of security incidents by 90% and that by the year 2025 it will support more than 50% of digital access control requests.
Security on-the-fly
This new approach requires a complete reconfiguration of our current networked history, bringing security teams into the planning stage early, which will help activate the processes necessary to implement a more robust overall security posture for the organization.
Like zero trust, the cyber security mesh architecture creates a so-called perimeter, but at the identity layer and focuses on unifying disparate security tools into a whole, interoperable system.
This matures security teams from managing fragmented and separately configured security services to deploying a more limited number of vendors to identify specific threats, thus reducing the noise from fragmented systems alerting a myriad of potential false positives.
The possibility of a mesh architecture has resulted from a more agile API approach, promising multi cloud ecosystems and the flexibility of a DevSecOps – a security as we go approach.
For more from Edwin Doyle, please see CyberTalk.org's past coverage. Lastly, to receive more cutting-edge cyber security news, best practices and analyses, please sign up for the CyberTalk.org newsletter.