Speaking at RSA Conference 2017 Wendy Moore, director of user protection at Trend Micro, presented a session on going beyond next gen to deliver security with maximum impact.
Moore said that there are key things that companies can look for in security solutions that can help them protect not only what they have today but also help them and support them as they change their IT philosophy moving forward.
“The modern enterprise is categorized by always trying to be more competitive in the market, more global in nature and trying to do things more rapidly. There’s been a lot of paradigm shifts when it comes to IT. Right now we are undergoing multiple paradigm shifts, and they are all happening at the same time, and what that’s doing is it’s creating a lot of difficulty for the IT manager/organization to get their arms around their most important information.”
We’re seeing shifts to the cloud, added Moore, and shifts to more virtualized server workloads, and more mobile devices – all of these changes are happening very quickly.
As we move along with that, she said, security needs to think about how it will protect corporate information as we move to all of these new IT models.
“Gone are the days when you could have a secure perimeter around your organization,” Moore argued. “There are three key things that are happening that are making that perimeter go away, become more porous and really making perimeter security defenses not a strong way to do things”, which are:
- Cloud virtualization
- Complex networks
- Consumerization
In terms of moving beyond next gen security, we hear a lot about having a silver bullet that will help you solve all of your security needs, said Moore. However, in reality, there are a lot of things you need to look for in order to get a solution that will actually evolve with your organization and your IT delivery models.
First, you need a solution that is smart: a cross-generated blend of threat defense techniques.
Second is a solution that is optimized: designed for and integrated with leading platforms and applications.
Third is a solution that is connected: allowing for centralized visibility and control and automatic sharing of threat intelligence.
“Things have very much changed,” she added, “now the problem of unknown threats is what organizations are really struggling to deal with.”
To conclude, Moore highlighted the following as the next steps that companies need to take to maximize their security beyond next gen:
- Evaluate if you are using everything your existing solutions have to offer
- Identify gaps in each key domain: hybrid cloud, network and endpoint
- Look for solutions that:
- Continue to evolve threat protection techniques to address new threats
- Cover entire threat protection lifecycle: protect, detect and respond
- Share threat intelligence amongst security layers