Data center security is in a perilous position. Large organizations have been using server virtualization technology for nearly 10 years and are currently testing/deploying private cloud platforms like OpenStack and VMware vCloud, and using cloud-based infrastructure from Amazon, IBM, Rackspace, and others. In spite of this progress, however, many firms continue to rely on perimeter security technologies and architectures based on physical security products like network firewalls, IDS/IPS, and other L4-7 technologies to protect physical and virtual servers. This creates significant risk to the enterprise, as legacy security tools don’t offer the right levels of agility, flexibility, efficacy, and visibility for today’s virtual data centers. CISOs need to address this precarious situation by introducing virtual network security services into their data center security strategies. Virtual network security services can offer L4-7 security controls and provide network security visibility for virtual workloads regardless of network topology, workload mobility, or physical location. Virtual network security services can also offer cloud-like orchestration with central control, software-based provisioning, and a variety of security controls that provide the ability to align with workload privacy and security requirements.
Wave of security breaches illustrates the need to step back before moving forward.
Enterprise security professionals point to unknown IT initiatives, lack of network security cohesion, and overlapping controls and processes.
Cybersecurity progress in Washington depends upon the right policies and programs based upon the right technical details.
Large organizations see SDN and network security working together for malware blocking/detection, network auditing, and improving network management.
VMworld hype masks the fact that many enterprises remain wedded to security appliances and are only “toe-dipping” with virtual security appliances.
In order to accurately assess organizations’ network security policies, processes, organizations, and technologies, ESG recently surveyed 397 security professionals representing enterprise-class (1,000 employees or more) organizations in North America. All respondents were responsible for or directly involved in the planning, implementation, or operations of their organization’s network security policies, processes, or technical safeguards.
Great potential but too much hype and confusion are getting in the way.
PCI and other regulations will drive this behavior, but CIOs/CISOs need to build an incident response program with the same focus, discipline, and rigor as BC/DR.
Network security is a top area of investment for many organizations looking to build up their defenses against cyber-attacks. At the same time, software-defined networking (SDN) is maturing and solutions are becoming capable of supporting networking functionality. Will organizations leverage SDN as a platform to deliver network security services? What impact will this have on existing processes and organizational dynamics?
High energy, strong community, scary cybersecurity situation.
CISOs must prioritize identity, data security, and security monitoring, and strive for a “single-pane-of-glass” across enterprise IT, SaaS, PaaS, and IaaS.
Cybersecurity event brings together an army of infosec nerds with a focus on threats, vulnerabilities, and innovative defenses.
Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s information security service. With over 25 years of technology industry experience, Jon is widely recognized as an expert in all aspects of information security and is often called upon to help customers understand a CISO's perspective and strategies. Recently, Jon has been an active participant with cybersecurity issues, legislation, and technology within the U.S. federal government.
© 2015 by The Enterprise Strategy Group, 20 Asylum Street, Milford, MA 01757 508.482.0188
Enter your email address, and click subscribe