Security’s Vicious Cycle – Cisco Blogs


When I booked a family vacation recently, I was reminded of the simplicity of travel planning these days. Hop on a platform like Expedia, enter your destination and travel timeline, and in just a few minutes and with a few clicks, you’re all set to jet off to any exotic location your heart desires. Booking is a simple experience. And efficient.

Imagine if we could do the same for security.

Today, security works a bit like travel booking did more than a decade ago. Remember when you had to spend a lot of time and effort getting separate information from airlines, hotels, and car rental companies, then any extras you wanted, like tour operators? You’d then have to compare options, ensure the scheduling and other details synced up — and finally make separate arrangements with each vendor. It was tedious and time-consuming. And could get complex, depending on your destination.

In security, of course, most teams deal with more than three or four vendors or data sources. A lot more. Cisco’s 2020 CISO Benchmark report showed that 13% of organizations have more than 20 security vendors. And ESG’s 2020 Integrated Platform report indicated that 30% of organizations use more than 50 different security products while 60% use more than 25. More often than not, these vendors’ products don’t talk to each other. So, it doesn’t surprise anyone that 76% of organizations claim that threat detection and response is more difficult today than 2 years ago.

Isn’t it time for the security industry to do better?

Security’s vicious cycle

This may be a familiar scenario:

  • You have more users connecting everywhere, more devices accessing data, and new digitization initiatives demanding more teams and new workflows to secure it all — with limited resources.
  • You can’t forget to keep the software you already have up to date against a growing number of vulnerabilities and sophisticated tactics and techniques used by adversaries.
  • You added more solutions to solve individual problems, but these point solutions fragmented your visibility across users, devices, applications, and networks — you get more visibility, but not in one place to easily understand the complete picture.
  • Your solution sprawl now represents as much of a vulnerability as new threats. And you don’t know where to close the loop with manual workflows that lack shared context or any collaboration between your SecOps, ITOps and NetOps teams.
  • Incidents take longer to investigate and remediate. And more vendors offer you yet more tools to solve this problem.

This is the vicious cycle that security teams are stuck in today. Over time, security has grown more complex and overwhelming to manage.

Which brings me back to my earlier thought — imagine if we could do for security what Expedia did for travel.

To simplify security, it would take a platform approach that integrates all your security solutions in the backend, and connects them to a consistent interface that unifies visibility, enables automation, and strengthens security across all control points. Just like Expedia changed how you experience travel planning, this integrated platform would completely change how you experience security.


The evolution of platform approaches

The platform approach is certainly not a new idea. SIEM is one of the earliest examples. Considered revolutionary when introduced over a decade ago, the technology picked up steam as customers looked to solve alert fatigue, along with compliance.

But SIEM, and now its younger cousin SOAR, only addresses part of the problem. While these tools correlate data and automate incident investigation so you can respond to alerts faster, these additional layers of technology burden your team with the labor-intensive task of integrating many control points one by one. And beyond security operations, what about the security use cases that IT and network operations teams care about, such as policy management?

Both customers and vendors are realizing that security platforms need to evolve, and platforms are becoming a buzzword. How do you sift through the noise? You have to think about the outcomes you want, and how the platform meets those outcomes.

We built our platform with the idea that security solutions should work as a team, learning from each other, listening to each other, and responding as a coordinated unit. We believe this is a systematic approach that both simplifies security and makes it more effective.

How SecureX helps escape the trap

For several years, we’ve been working to integrate our security portfolio across all the control points, so our solutions work seamlessly on the backend. Now, Cisco SecureX takes this work to the next level, connecting the backend to a unified frontend as well as your existing security investments. It is a platform that gives our customers the ability to access their security from one central location across the full life cycle.

SecureX connects the breadth of Cisco’s integrated security portfolio and the customer’s entire security infrastructure for a consistent experience that unifies visibility, enables automation, and strengthens your security across network, endpoint, cloud, and applications. The result is a simplified experience, built into the Cisco Security products you already have – it’s not a new layer of technology you must buy and deploy before you realize new value. And if you have an existing SIEM investment, SecureX will connect to it to unlock the full potential of your security working better together. With an open platform, security teams can easily integrate the products they use now, as well as cutting-edge products they’ll want to use in the future.

With SecureX, you can:

  • Confidently secure every business endeavor: Meet your security needs of today and tomorrow with the broadest, most integrated security platform that covers every threat vector and access point.
  • Unify visibility across the entire security infrastructure: Gain actionable insights with analytics across network, endpoint, cloud, and applications to accelerate threat response and realize desired outcomes.
  • Automate critical security workflows: Increase the efficiency and precision of your existing resources to advance your security maturity and stay ahead of an ever-changing threat landscape.
  • Collaborate better than ever: Share context between SecOps, ITOps, and NetOps to harmonize security policies and drive stronger outcomes across workflows.
  • Reduce complexity and maximize portfolio benefits: Advance the potential of your Cisco Security investments, try other components of the Cisco portfolio with a click before you buy, and connect to your existing security infrastructure via out-of-the-box interoperability.

What’s next

We want to simplify your experience, accelerate your success, and protect your future — and we’re just getting started with our platform approach. We have a bold vision for where we want to go in this journey, and we invite you to come along.

 


Sr. SDET M Mehedi Zaman

Currently working as Sr. SDET at Robi Axiata Limited, a subsidiary of Axiata Group.
