Please Mind the Complexity Gap

Written by

As the world of IT security has developed, so too have the issues plaguing the enterprises that have adopted advanced security strategies. For years, experts have been trying to resolve a security deficit with a slew of technologies that it has now exploded out of control. Almost unknowingly, an alarming gap has formed.

When a gap appears, so do associated hazards that can lead to dire consequences. Rail passengers would often hear the famous words ‘mind the gap’, an audible and visual warning phrase highlighting the danger of the abyss that lies between the edge of the platform and the tracks.

In the tech world, the warning signs have been ignored, and now there are too few security resources to monitor and manage the snowballing number of technologies that are used within organizations. This space has been coined ‘the Complexity Gap’.

The Big Issues

Enterprises have been taking a more traditional route to achieving a secure organization by investing more in technology to try and alleviate the tremendous the pressure that security teams face, but that has not solved the situation. It has become impossible to keep up with the millions of rules or thousands of devices within a business due to the shortage of resources which has formed due to a lack of effective security management.

Exploiting an enterprise’s infrastructure has become the go-to-sport for cyber-aggressors with breaches becoming daily news. The network security infrastructure systems have become overwhelmingly complex for SMBs and large enterprises. They are being insecurely integrated, making it difficult for enterprises to allocate adequate security funding to precise flaws.

Combine that with the evolution of IoT, and you have the perfect recipe for disaster. IoT devices connected within an organization’s network has attributed to much of the problem. ForeScout Technologies reported that the average business must deal with 7,000 IoT devices in the next 18 months with smaller businesses potentially having more. Attackers have clocked on. There have been incidents involving malware infiltrating a variety of IoT devices that would be connected to the internet and would direct an attack towards large websites and the internet backbone, slowing internet traffic down to a grinding halt. The Mirai botnet is a perfect example.

So, where are the IT professionals to prevent this? With a global shortage of qualified security professionals, corporations are struggling to find skilled staff to man their complex defense systems which have been implemented out of compliance rather than security, leaving them exposed.

Intelligent Security Management

To rectify the Complexity Gap and reduce it, a new approach is needed that allows security teams to better manage all their investments in security, from firewalls to routers and switches. A new trend within the industry has seen management technology as a ‘workforce multiplier’ being the light going forward.

The attraction to using management technology is that it fixes key issues within the Complexity Gap using automation and analysis that human resources cannot provide. These tools have been designed to aid enterprises with their own policies, frameworks and compliance requirement to automate tasks. Some decrease time needed for cybersecurity investigations.

Others enhance project management by decreasing time needed for security audits and facilitating better use of security already in place within an organization. This allows for better optimization of the technology in use, uncovering the needles in the haystack by contextualizing the security information as well as rationalizing the information so that enterprises can focus on the bigger security issues.

Adopting this kind of approach may well be the answer in helping restore balance and close the Complexity Gap. It is ideal for delivering a rapid response for automating security policy configuration in line with laid down compliance practices and improving the organization’s security posture. It also dramatically reduces the operational expense through detailed analysis and risk simulation so that people can focus on areas that are higher value and remove the very time consuming aspects of security management.

Nevertheless, the problem will get worse before it improves. With businesses adopting more devices and no immediate response to the cybersecurity skill shortage, the Complexity Gap is likely to widen. There are solutions to the problem, it is just whether organizations are quick enough to act before it’s too late. The final warning has been announced: “Please Mind the Gap.

What’s hot on Infosecurity Magazine?