By Alexander Jones, International Banker
Are we winning the battle against cybercrime? For many industries, the answer to this increasingly pertinent question is a resounding “no”. And with the push towards digitalisation and remote working and learning environments having accelerated in the last few years, the need to remain vigilant in cybersecurity has never been more important.
Indeed, the threat from cyber-hackers has only grown expeditiously in recent years as digitalisation has positioned many businesses’ cyber-assets outside their traditional security perimeters. This situation has been further exacerbated by the COVID-19 pandemic, during which remote working has become the most popular and safest employment model for firms all over the world. And that means under this “new normal” mode, workers, management and customers tied to an organisation will be operating in a significantly more geographically extended environment compared to the pre-COVID era.
With devices distributed across a much larger spread of locations, therefore, security threats have become all the more palpable, with companies looking to address them with more robust cybersecurity solutions. Indeed, with resources extended over a much larger area, security must be similarly expanded. Valuable resources being increasingly located outside traditional business perimeters and physical boundaries means that greater access to enterprise applications from personal devices and unsecured networks is needed.
It is in these situations that the cybersecurity mesh is proving especially useful. Gartner has been among the technology’s staunchest advocates; a cybersecurity mesh architecture (CSMA) is “a composable and scalable approach to extending security controls, even to widely distributed assets”, according to Gartner. CSMA enables a more composable, flexible and resilient security ecosystem.
With enterprise security infrastructure requiring greater agility to cover applicable resources, such as employees working on their organisations’ intellectual property from their homes, a CSMA foregoes establishing a secure perimeter around the entire network of the business but instead focuses on protecting each device and access point. “The objective is to bring a distributed approach to network and infrastructure security, moving away from the traditional perimeter-centric approach,” explained digital identity-management specialist Keyfactor. “Instead, the security design is centered around identities of humans and machines on the network, creating smaller, individual perimeters around each access point.”
This approach enables organisations to allocate more security where it is needed at any given time, thus boosting the flexibility and scalability of cybersecurity control, and also permits the security perimeter to be defined around an object or a person’s identity. “Rather than every security tool running in a silo, a cybersecurity mesh enables tools to interoperate through several supportive layers, such as consolidated policy management, security intelligence and identity fabric,” Gartner added.
Gartner also noted last year that security and risk-management leaders are experiencing widespread disruption in identity and access management (IAM) solutions, particularly due to the growth in customer-facing interactions on digital channels as well as the sudden and rapid expansion of the remote workforce since the onset of the pandemic. “IAM challenges have become increasingly complex,” according to Akif Khan, senior director analyst of Gartner, “and many organizations lack the skills and resources to manage [them] effectively. Leaders must improve their approaches to identity proofing, develop stronger vendor management skills and mitigate the risks of an increasingly remote workforce.”
As such, Gartner has predicted that the cybersecurity mesh will support over half of all IAM requests by 2025, which will facilitate a more explicit, mobile and adaptive unified access-management model. “The mesh model of cybersecurity provides a more integrated, scalable, flexible and reliable approach to digital asset access control than traditional security perimeter controls.”
“With enterprises continuing to have geographically distributed workers, this architecture will enable organizations to define security parameters around devices and identities, paving the way for reliable, flexible, and scalable cybersecurity controls,” according to Xoriant, a US-based software-development, technology-services company, which lists four main ways in which a CSMA can help:
- Creates a modular security approach: A cybersecurity mesh designs and implements an IT (information technology) security infrastructure not on a single physical perimeter but across smaller, distinct perimeters around each device or access point. This enables a modular and more responsive security architecture that covers physically disparate access points of the network.
- Enables a more responsive security architecture: These days, resources and assets of value are often located outside an enterprise’s traditional perimeter and across various geographical locations. A cybersecurity mesh allows protection to be extended across all those assets. “By enabling organizations to secure each and every device, asset, and network, [a] cybersecurity mesh paves the way for more responsive security and allows employees to work safely and securely from anywhere, at any time.”
- Centralises policy orchestration: The cybersecurity mesh enables security to be implemented around end-points and identity instead of traditional physical, logical boundaries. This ensures information is accessible over the network only to authorised network personnel. “By centralizing policy orchestration for all employees, it ensures the same rules apply for information access—no matter where the information or the resources are located, who tries to access them, and from where.”
- Distributes policy enforcement: Whilst centralising policy orchestration, a CSMA also distributes policy enforcement. It does this by making enterprise security infrastructure agile enough to cover resources working on the organisation’s intellectual property, decoupling policy decisions and enforcement, thus allowing easy access to assets whilst ensuring security remains at the required level.
To design a CSMA, it is important for businesses not to focus only on optimising their IT security infrastructure by creating perimeters around individual access points rather than around the entire slate of devices. Such a strategy seeks to reconfigure cybersecurity away from creating walled cities around a network. This also means that security policies must be applied at the identity level or individual level rather than at the network level by using firewalls, checking IP (Internet Protocol) addresses and controlling ports.
This ensures that resources are secure no matter how the rest of the infrastructure changes. “Since enterprise data can no longer be contained within an enterprise network, all connections must be considered unreliable unless they can be verified. A cybersecurity mesh helps implement a zero-trust architecture by securing all data, and systems are accessed securely no matter where they are located,” IAM firm OneLogin explained on its website in March 2021.
A cybersecurity mesh will become more regarded as an essential security requirement only as assets increasingly exist beyond the traditional security perimeter. “Anywhere operations continue to evolve, the cybersecurity mesh will become the most practical approach to ensure secure access to, and use of, cloud-located applications and distributed data from uncontrolled devices,” according to Brian Burke, Gartner’s research vice president for technology innovation.