Complexity is the enemy of security. Some companies are forced to put together as many as 50 different security solutions from up to 10 different vendors to protect their sprawling technology estates — acting as a systems integrator of sorts. Every node in these fantastically complicated networks is like a door or window that might be inadvertently left open. Each represents a potential point of failure and an exponential increase in cybersecurity debt. We have an unprecedented opportunity and responsibility to update the architectural foundations of our digital infrastructure and pay off our cybersecurity debt. To accomplish this, two critical steps must be taken. First, we must embrace open standards across all critical digital infrastructure, especially the infrastructure used by private contractors to service the government. Until recently, it was thought that the only way to standardize security protocols across a complex digital estate was to rebuild it from the ground up in the cloud. But this is akin to replacing the foundations of a home while still living in it. You simply cannot lift-and-shift massive, mission-critical workloads from private data centers to the cloud.
Right from the start, the name zero trust has unwelcome implications. On the surface, it appears that management does not trust employees or that everything done on the network is suspect until proven innocent. "While this line of thinking can be productive when discussing the security architecture of devices and other digital equipment, security teams need to be careful that it doesn't spill over to informing their policy around an employer's most valuable asset, its people," mentioned Jason Meller, CEO and founder at Kolide. "Users who feel their privacy is in jeopardy, or who do not have the energy to continually justify why they need access to resources, will ultimately switch to using their own personal devices and services, creating a new and more dangerous problem—shadow IT," continued Meller. "Frustratingly, the ill-effects of not trusting users often forces them to become untrustworthy, which then in turn encourages IT and security practitioners to advocate for more aggressive zero trust-based policies." In the interview, Meller suggested the first thing organizations looking to implement zero trust should do is form a working group with representatives from human resources, privacy experts and end users themselves.
Of course, companies don’t just want to identify risk. They want to prevent relevant threats and secure their IT infrastructure. To achieve this, boardrooms, C-suite executives and cybersecurity teams will need to focus on the most potent risks — from insider threats to misconfigured databases — to enhance their defensive posture to meet the moment. This should begin by addressing your in-house vulnerabilities. With so many data breaches caused, in part, by employees, companies can defend data by enhancing their educational and oversight protocols. For instance, employee monitoring that harnesses user behavior analytics can empower companies to identify employees who might be vulnerable to a phishing scam, allowing leaders to direct teaching and training to mitigate the risk. (Full disclosure: Employee monitoring is among my company’s key provisions.) Similarly, cybersecurity software that restricts data access, movement and manipulation can ensure that data is available on a need-to-know basis, reducing opportunities for negligence or accidents to undermine data security.
The approach to closing the understanding gap that has proven successful is "listening before talking". In practice, this means meeting the stakeholders, learning about their motivation and goals, building relationships and establishing a collaboration – basically, a feedback loop. Next was to explore the clients’ needs and their user personas by either talking to product manager(s), reading industry-related articles, or analyzing customer data because each user persona has a different goal and therefore a different task to complete in our product. For me, it’s essential to understand these differences to learn what is important to each one of them and aim for the specific quality characteristics when providing feedback on design, user experience, or product requirements. ... Practically, the shorter the feedback loop, the better. To make it shorter, I try to be there when the project starts to kick off and requirements are shaped, or when first prototypes are done, and generally be proactive by asking what’s the next important thing, inviting different stakeholders for pairing and collaborating closely to discover and share important information about the product.
By creating API-driven applications, we have exposed a much bigger attack surface. That’s number one. Number two, of course, we have made it challenging to the attackers, but the attack surface being so much bigger now needs to be dealt with in a completely different way. The older class of applications took a rules-based system as the common approach to solve security use cases. Because they just had a single application and the application would not change that much in terms of the interfaces it exposed, you could build in rules to analyze how traffic goes in and out of that application. Now, when we break the application into multiple pieces, and we bring in other paradigms of software development, such as DevOps and Agile development methodologies, this creates a scenario where the applications are always rapidly changing. There is no way rules can catch up with these rapidly changing applications. We need automation to understand what is happening with these applications, and we need automation to solve these problems, which rules alone cannot do.
CAIR is involved in research and development in AI, robotics, command and control, networking, information and communication security, along with the development of mission-critical products for battlefield communication and management systems. CAIR was appraised for Capability Maturity Model Integration (CMMI) Maturity Level 2 in 2014 and has ISO 9001:2015 certification. As part of the Defence Research and Development Organisation (DRDO), robotics was one of the priority areas of CAIR, said V S Mahalingam, former director, CAIR. Mahalingam joined DRDO in 1986 and served in Electronics & Radar Development Establishment (LRDE) till 2000 before he moved to CAIR. “Concentrating on the development of totally indigenous robots, the lab developed a variety of controllers and manipulators for Gantry, Scara, and other types of robots. With the experience gained from these initial years, the lab developed an autonomous guided vehicle (AGV). The expertise in control systems required for robotics was applied to the development of control laws for Tejas fighter,” Mahalingam added.
For the most part, network architects fall into department management roles overseeing teams of network engineers, system administrators, and perhaps application developers. The goal of a network architect is to design efficient, reliable, cost-effective network infrastructures that meet the long-term information technology and business goals of an organization. The trick is to accomplish those long-term goals while also permitting the organization to meet its short-term business goals and financial obligations. ... Successful network architects must be able to see the big picture regarding current and future information technology infrastructure, not only for the organization but for the industry and general business environment as well. Individuals fulfilling the job role must be able to produce a documented vision of network infrastructure now and in the future. Documentation is important because a network architect must be able to present their vision of current and future network needs and goals to C-level management, employees, and other stakeholders. They must be able to communicate why their vision is correct, and why those stakeholders should provide the resources necessary to bring that vision into fruition.
The volume and velocity of data generated at the edge is a primary factor that will impact how developers allocate resources at the edge and in the cloud. “A major impact I see is how enterprises will manage their cloud storage because it’s impractical to save the large amounts of data that the Edge creates directly to the cloud,” says Will Kelly, technical marketing manager for a container security startup. “Edge computing is going to shake up cloud financial models so let’s hope enterprises have access to a cloud economist or solution architect who can tackle that challenge for them.” With billions of industrial and consumer IoT devices being deployed, managing the data is an essential consideration in any edge-to-cloud strategy. “Advanced consumer applications such as streaming multiplayer games, digital assistants and autonomous vehicle networks demand low latency data so it is important to consider the tremendous efficiencies achieved by keeping data physically close to where it is consumed,” says Scott Schober, President/CEO of Berkeley Varitronics Systems, Inc. It’s not much of a stretch to view edge as an integral computing of the fast-evolving hybrid cloud.
The consensus is STG will likely form either a complete new company out of its newly acquired businesses - hoping the sum of the parts will make STG a major player in the security space - or simply allow customers to pull together a security plan on an a la carte basis from STG's various parts. "You can see a future where we're going to have a clash of some really sophisticated industry heavyweights. You're going to have to compete with Microsoft; you're going to have to compete with Cisco. So if you're going to get in a fight with Microsoft and Cisco, you better bring a big stick. And it looks like they've now got a big stick," says Frank Dickson, program vice president at IDC. Peter Firstbrook, vice president and analyst with Gartner, believes STG is putting together a portfolio to deliver a one-stop shopping experience for those looking for a suite of cybersecurity products and solutions to protect their organization. "One trend they could take advantage of is the propensity of buyers to seek out fewer, more strategic vendors that have integrated solutions," Firstbrook says. "Eighty percent of buyers want to consolidate the number of security products and vendors to make their security operations more efficient."
Observability is the monitoring of infrastructure behavior at a granular level. This facilitates maximum visibility within the infrastructure and helps the incident management team maintain the reliability of the architecture. Observability is done by recording the system data in various forms (tools) such as metrics, alerts (events), logs, and traces. These functions help in deriving insights into the internal health of the infrastructure. Here, we are going to discuss the importance of tracing and how it evolved into a technique called distributed tracing. Tracing is the continuous supervision of an application’s flow and data progression, often representing a track of a single user’s journey through an app stack. These make the behavior and state of an entire system more obvious and comprehensible. Distributed request tracing is an evolutionary method of observability that helps to keep cloud applications in good health. Distributed tracing is the process of following a transaction request and recording all the relevant data along its path through a microservices architecture.
Quote for the day:
"Every great leader can take you back to a defining moment when they decided to lead." -- John Paul Warren