I recently spoke at a virtual event hosted by Ultima (a VMware Principal Partner) – an evening that combined heated discussion about the latest emerging cyber security threats… and gin tasting. It certainly loosened conversational inhibitions, made for really interesting debate – and I now know my Edinburgh Seaside from my Edgerton Blue Spice!
I was asked to address the dilemma many organisations are facing today – how to tackle cyber security in the cloud when they’re hosting apps and workloads on premises and across public and hybrid clouds.
From the customers I speak to, many of whom have needed to embrace the cloud for operational continuity over the past 12 months, I know it’s a hot topic right now – “How can I securely achieve in the cloud what was working for me really well on premises?”
My answer is that the shift to a different digital operating model requires an equivalent shift in security mindset. At VMware we are focused on intrinsic security – meaning that security is inherent across digital infrastructure, rather than needing to be “bolted on” at specific points to meet a singular requirement.
Crucially, this intrinsic security needs always-on, intelligent automation to rapidly analyse all workloads and applications – and simultaneously analyse cyber criminal behaviour patterns, to detect emerging types of attack and constantly evolve defences.
Here’s our point of view on how this should come together to give you the peace of mind to embrace cloud with confidence as a pillar of future operational agility…
Why does security need to be “intrinsic”?
Today, more than ever before, organisations and their security and IT leaders are focused on improving security posture. This includes minimising risks, deploying consistent security controls, enforcing compliance, and implementing strategies, such as ‘zero trust’, that maximise protection in a world of proliferating threats. Yet achieving this is not easy. Most organisations are hampered by having to manage too many bolted-on security solutions with teams that are siloed and often working with limited context and information on the potential impacts of threats.
Intrinsic security is a fundamentally different approach to protecting your business. It’s not a product, or tool, or “bundle”. It’s a strategy for leveraging your infrastructure and control points in new ways – in real time, across any app, cloud, or device – so you can shift from a reactive security posture to a position of strength. Intrinsic security is about using what you have in new ways, so you can help unify your security and IT teams and empower them with deep context and insights that accelerate how they identify risk, and prevent, detect, and respond to threats.
How does this physically manifest itself in the tech required?
Instead of relying on standalone products, an intrinsic approach maximises security controls built directly into the infrastructure. This is different to integrated security. It is not about taking a hardware firewall and repackaging it as a blade in a switch. It is about reimagining firewall capabilities and building those controls directly into your infrastructure. Intrinsic security is built directly into software. And by leveraging the virtual layer, you can use your existing infrastructure in new ways to protect your endpoints and workloads, networks, workspaces, and clouds, while gaining greater visibility and control over policies that protect your business.
This isn’t about technology in isolation, however. An intrinsic security approach brings tools and teams together by enabling your security professionals to use data and events from IT and operations to more effectively control threats and policies. This unified approach leverages cloud, application, and device infrastructure to provide richer insights about applications and the infrastructure. By bringing together the technology and insights used by your security and IT teams, your people can collaborate more and increase their agility to respond to new vulnerabilities and active threats.
How does AI and automation play its part?
Our VMware Carbon Black Cloud solution thwarts attacks across your infrastructure, 24/7, by leveraging AI and ML to analyse billions of system events to understand what is normal in your environment. This prevents attackers from abusing legitimate tools and automates your investigation workflow to respond efficiently to any emerging threat. All of this is unified into one console and one agent, so that infrastructure and security teams have a single, shared source of truth to improve security together.
The vital advantage of this? Context. Intrinsic security should provide deep context both about threats and what you are protecting – your endpoints, workloads, networks, workspaces and clouds. Context-centric security means you always know behaviours and intended actions – including data, users, access points, and configurations. Ultimately, it equips you with powerful intelligence that enables you to quickly understand: the workloads behind your apps and how they communicate, the network services they consume, the users and devices are connecting to those apps, and more.
Intelligent, intrinsic security is the future of cyber security and I’d be very happy to discuss it further – if this resonates with you, please do feel free to connect.
Learn more here