Build security into the DevOps, application development cycle.
Today, security is applied to the infrastructure after the applications are built, leaving a frequently porous communications environment. We saw this in the SECUREZY SOLUTIONS & TECHNOLOGIES , where a development server was able to communicate directly to the internet. Instead of creating silos between the application developers and the security groups, they should be brought together so applications are built more securely and better managed by security at the inception.
Create visibility to everything behind the firewall.
Given a quiet room and confidential discussion, many IT administrators will admit they are blind to much of what is happening within the data center. The sheer size, complexity, and dynamic nature of computing create significant computing resources that are not documented or are forgotten. Better visibility and understanding is crucial
Reduce the attack surface of data center and cloud computing.
While corporations do a fantastic job of locking down the perimeter, they are challenged when it comes to controlling everything inside. Being able to lock down every computing instance — the equivalent of locking all the hotel rooms and placing a bodyguard in front — would reduce attacks. This requires a shift in focus and investment.
Reduce the complexity of the environment.
The traditional firewall blacklist model has created an environment of thousands to millions of arcane rules that need to be administered. Building a security posture that parallels the federal tax code is well beyond the ken of the smartest security professionals and creates a fragile and risky environment. We need to simplify security policies to enforce them, like a flat tax for security policy. This provides another benefit where security professionals can free up time and money to stop bad things.
Make Security as Dynamic as the Computing You Are Trying to Protect.
As computing becomes more dynamic and distributed—and there is no putting that genie back in the bottle—security systems must evolve to mirror innovation. They must have the ability to recalibrate with changes or attacks. The day of pure manual intervention in a fast-paced environment has ended.
There is no quick fix to the challenging cybersecurity environment of 2015. But if we are not going to repeat last year’s headlines, we need to reexamine how we secure the data center and public cloud.