Gartner 2022, SASE Day 2022: Event Themes, TakeawaysSASE, Cloud and Data Security, Privacy, CISO Strategies in Complex Environments
The past month has been filled with action-packed virtual cybersecurity events as the enterprise community continues to deal with a myriad of cybersecurity challenges. While the topics covered in Gartner's 2022 Security and Risk Management Summit - India and the SASE Day 2022 - APAC events were wide-ranging, common themes emerged and there were significant takeaways.
See Also: 2022 Voice of the CISO
Gartner 2022 Security and Risk Management Summit - India
March 7 and 8
Security leaders must lead from an offensive position to deliver the best results for themselves and for their enterprises, Tina Nunno, vice president, analyst at tech research firm Gartner, told delegates in the aptly named keynote, "Leadership Repositioning for Security Leaders."
"Security and risk leaders must not only defend the enterprise but go on the offensive to help the enterprise take advantage of a wide variety of new opportunities to help them respond to an ever-changing world of threats," Nunno said.
CISOs' historic defensive stance, both in strategy and communication, may be the reason that cybersecurity didn't receive the attention or budget it deserved, according to Nunno.
She said CISOs must be specific when communicating with their boards and must present worst-case scenarios along with the subsequent action plan to prepare the company.
"[CISOs must] coach executives through these tough digital uncertainties in this time of volatility. Reframe your culture, embrace your role as that cultural leader, and win together by delivering on cost, revenue and risk,” Nunno said.
One of the key focus areas for companies and CISOs has historically been data security, and this was the topic of a discussion chaired by Gartner senior director analyst Joerg Fritsch, titled "Outlook for Data Security."
"In recent years, we've seen more data security breaches that are also privacy breaches. So we should expect the next data breach [to be] a privacy breach. We don't expect a breach like Stuxnet [anymore], or an incident that [only] tampers with the integrity of your data," Fritsch said.
There's certainly a premium for data such as PII and EHR on the dark web, and that's why the common focus for data security and privacy must be to prevent unauthorized data access, he said.
Moving from data access to cloud storage, Neil MacDonald, vice president, analyst at Gartner, predicted in his talk, "Outlook for Cloud Security," that in the next three years, 70% of all workloads will be on the public cloud. A majority of organizations, he said, will choose multi-cloud "by design" or intentionally, adding that, of course, this complex environment will be a security management nightmare.
MacDonald cited Gartner survey results showing that, for an undisclosed number of organizations, the top challenge was security teams' unpreparedness for public cloud migration.
And 36% of the surveyed organizations said gaining security team approval and support for migration strategies tops their list of challenges, according to MacDonald.
He said there are many reasons why IT teams push back. For one, organizations are not confident about putting their most sensitive data on the public cloud, since it is multi-tenant. While cloud security has improved significantly over the years, many customers are hesitant to have such a great dependency on a cloud service provider.
Also, migrating from on-premises or legacy infrastructure to the cloud is not a simple "lift and shift" operation. It involves a lot of processes and stakeholders, and different public clouds have different architectures.
For these reasons, MacDonald's estimate that 70% of all workloads will be on the public cloud in the next three years seems questionable.
SASE Day 2022 - APAC
SASE Day 2022 was hosted by Information Security Media Group in collaboration with Palo Alto Networks.
Cloud security and software-as-a-service-based solutions have come to the fore during work from home and the demise of the perimeter.
Traditional security architectures cannot keep up with the scale of today's workloads and applications - and organizations expect uninterrupted performance for a distributed workforce. That's why Secure Access Service Edge - or SASE - has become so important today. Gartner was the first to describe the term in an August 2019 report, "The Future of Network Security in the Cloud," and later expanded on the topic in its "2021 Strategic Roadmap for SASE Convergence."
Offering practical SASE recommendations, Siddharth Deshpande, field CTO, Japan and Asia-Pacific at Palo Alto Networks, said, "If you converge SD-WAN and Secure Services Edge, you can solve many hybrid working challenges, but you need to leverage the intelligence from SD-WAN and apply it to your security policies."
When consolidating security, organizations should think about the architectural nuances and not just about cost, Deshpande said. "Be sure to do inspection of all application traffic and all applications - and bi-directional connectivity," he says.
Vicky Ray, principal at Unit 42 threat intelligence for Japan and APAC at Palo Alto Networks, discussed phishing threats with COVID-19 themes, double-extortion ransomware threats, and ransomware-as-a-service campaigns.
"If the concept of SASE was followed by organizations at all layers in the stack, then attacks like those on SolarWinds could have been avoided. These types of attacks can be stopped with behavioral detection," Ray said.
Deshpande led a panel titled "The Keys to Effectively Implementing SASE," which took a deeper dive into the topic of implementation for companies (see: Security Leaders Discuss Future of SASE).
Renald Abel, head of system technology group - India at IT service management company Hexaware Technologies, said, "When COVID-19 first started, we had to enable work from home securely. My perimeter moved from 10 to 15 offices to more than 20,000 homes. We realized we had to scale up for the long run in a secure perimeter. That is when we started embarking on the SASE journey."
Tim Nedyalkov, technology information security officer at the Commonwealth Bank of Australia, tells ISMG that he had to move thousands of employees, who worked on a large project in the Middle East, to remote locations overnight when the pandemic began. His IT team had to understand user app requirements and make those apps assessable over remote networks. "We used SASE solutions to get visibility and an understanding of the environment," he says.
Abel and others on the panel agreed that they could onboard customers much faster after they had implemented SASE and integrated SD-WAN and Secure Service Edge.
Other benefits of SASE include automation, cost savings, standardization and enhanced interoperability among various technology platforms for ease of use, they said.