There’s an old saying that change is the enemy of security. To avoid disruptive changes, many cybersecurity professionals strive for tight control of their environment and this control extends to the management of security technologies. Experienced cybersecurity professionals often opt to install management servers and software on their networks so that management and staff “owns” their technologies and can control everything they can.
Now this type of control has long been thought of as a security best practice so many CISOs continue to eschew an alternative model: a cloud-based security management control plane.
Given the history of cybersecurity, this behavior is certainly understandable – I control what happens on my own network but have almost no oversight what takes place on AWS, Azure, or Google’s GCP. Yup, there’s a lot of history and dogma here, but I believe it’s time for CISOs to reconsider. Why? A cloud-based security management control plane can offer some real benefits including:
- Accelerated product evaluations and proof-of-concepts. Let’s face it, it can take weeks or months to procure and provision servers, install software, and deploy everything necessary on a test network. Much of the operational overhead and cost here can be alleviated with a cloud-based management plane. In other words, CISOs can avoid upfront headaches and get right to their main objective – testing the security functionality of new products.
- Lower costs. Similarly, CISOs can alleviate server purchases, maintenance costs, and chargebacks from network operations.
- Faster product upgrades. Many vendors offering a cloud-based management plane employ an Agile development model, allowing them to make continuous product enhancements. So rather than waiting for new product revisions and dot releases, they can take advantage of new features and functionality without the hassles or delays associated with product testing and software upgrades.
To accelerate point product integration, it’s also likely that vendors will offer a security operations and analytics platform architecture (SOAPA) through a cloud-based management plane. This will help enterprises achieve the benefits of SOAPA sooner rather than later.
These benefits are hard to ignore, especially considering the global cybersecurity skills shortage. On the supply side, it’s also likely that vendors will offer customer incentives so they can slowly phase out of the software porting business as they move on-premises Linux and Windows management server customers to a cloud-based management plane.
CISOs who move toward a cloud-based security management plane should make sure that vendors offer standard documented APIs so they can ingest whatever data they want, when they want.
The benefits of moving to a cloud-based security management model speak for themselves. Given this, old school CISOs should think long and hard about maintaining the status quo.