In this podcast, Darron Gibbard, Chief Technical Security Officer EMEA at Qualys, discusses digital transformation challenges and illustrates what an organization has to do in order to stay compliant in this ever-changing world.
Here’s a transcript of the podcast for your convenience.
Hello, my name is Darron Gibbard, and I am the Chief Technical Security Officer of Qualys. In my Help Net Security session today, I will be covering digital transformation – visibility and compliance in a transitional world. Before we get into the content and the points of this talk, I want to agree on a definition of digital transformation. For me, digital transformation means many things. The best definition that I’ve found has actually come from i-Scoop, and I will read it out verbatim so that we are all agreed on what digital transformation is.
Digital transformation is the profound transformation of business and organizational activities, processes, competencies and models to fully leverage the changes and opportunities of a mix of digital technologies and their accelerating impact across society in a strategic and prioritized way, with present and future shifts in mind.
Throughout history it took 150 years for humans to adjust to technological advances from the late 1800s. The world shifted quickly as things like automobiles, light bulbs, telephones, airplanes, radio, television and more came into being. But in a matter of about 65 years, mankind went from not being able to fly to landing on the moon. And this age of digital transformation is not just about the evolution of personal computers, laptops, tablets and smartphones. Digital transformation literally permeates every aspect of our lives today.
Homes today have a variety of sensors and connected devices: thermostats, smoke detectors, refrigerators, lights, alarm systems, motion sensors, smart speakers, connected locks, and many more. The state of your home is constantly being monitored by these devices and all of that information is beamed to the cloud.
So, from the homeowner’s perspective, this digital transformation happens behind the scenes with very little visibility. Individuals just install a few apps on their smartphone that enable them to have complete visibility and control over their homes. They don’t need to build or understand the backend infrastructure at all. They just install the devices and the apps, and use them to streamline and simplify their lives, because they chose based on functionality rather than security. But in this age of digital transformation there is also a vast number of security concerns with all of this data. You’ve got companies, random strangers, or attackers having access to cameras and microphones in your house, which will allow them to spy on your activities, or access information that lets them know when you’re home and when you’re not.
As important as security is, though, it is just as important that the security be frictionless and transparent to the end users. The focus with IoT has always been functionality over security. Technology is changing very rapidly and very profoundly. Changes in technology bring with them significant changes to the world in general, creating a domino effect. If we don’t adjust and adapt, we’ll get left behind. And in today’s always-connected world that includes adapting your security to keep up with the pace of change.
What this also introduces is a new level of risk and threats to your organizations. No longer do C-suite individuals need to be spear-phished, whaled, or socially engineered to obtain their credentials. It’s very easy to socially engineer a situation where you obtain the password of an individual via their own network.
So, how do you remain compliant in this ever-changing world? At Qualys we believe in five core principles of security that will help organizations minimize the risks and the threats to their organizations. And we’ll go into a little bit of detail on all five of those tenets.
But to start with, the five are: accuracy, visibility, scalability, immediacy and transparent orchestration. I will start, first of all, with accuracy.
For effective endpoint security and compliance, you need comprehensive asset visibility and control. An endpoint is no longer just a laptop, a mobile phone, or any device that is connected to your network. It is now anything that is out there on the Internet, anything in your home, and anything within your corporate environment. So, this now requires a complete, accurate and detailed inventory of your IT assets, wherever they are located: on premises, cloud instances or mobile endpoints.
To achieve a current system view of your continually changing IT environment, you need active mapping and continuous monitoring. Otherwise your vulnerability management and threat intelligence decisions will be based on incomplete, inaccurate and outdated information, which puts your organization at an elevated risk of breaches.
Next is visibility. Visibility goes hand in hand with accuracy, because without the two working well together, you don’t have a complete picture of what’s going on within your environment. So, while accuracy was and still is an essential foundation for security, visibility across the new hybrid IT environment is even more critical.
As more and more data moves out to the cloud, and as more of your software infrastructure is moved out to the cloud, it is vitally important that you know what’s out there. In this new digital era, the attack surface has grown significantly, and now includes on-premises systems, endpoints, the Internet of Things, big data, cloud and mobility solutions. CISOs cannot secure what they don’t know about and cannot monitor. Hybrid IT is the general term used for this approach to enterprise computing, where an organization provides and manages information technology resources in-house but uses cloud-based services for everything else.
Next is scalability: the measure of a system’s ability to increase or decrease in performance and cost in response to changes in application and system processing demands. Examples would include how well a hardware system performs when the number of users is increased, how well a database withstands growing numbers of queries, or how well an operating system performs on different classes of hardware. Enterprises that are growing rapidly should pay special attention to scalability when evaluating the hardware and software solutions for their respective organizations.
In this world of always-on, 24/7 connectivity that we live in, it’s important that the speed of action when an event occurs, and how we respond to that event, is very, very quick. No longer can it be the case that it takes hours for an incident or an event to be acted on. This is happening in seconds, and businesses need to be able to respond very, very quickly when events occur. In this always-connected world we live in now, it is expected that systems and solutions are available 24/7, 365 days a year. Security teams need to be able to react more quickly, or be engaged earlier within projects, to ensure that security is built in from the start.
Gone are the days when security is a plug-in at the end of a project. Security needs to be embedded at the very, very start, so that anything that is being designed and delivered within your organization has the security requirements and the security skills engaged at the very start of the project. Trying to retrofit security into the solution will become even more of a problem; it will be very slow and, in some cases in this 24/7 connected world we live in, may never happen.
And the final one is transparent orchestration. This gives your organizations the ability to automatically and seamlessly ingest, correlate, and analyze security information from many sources, and respond accordingly in real time. This is clearly the new frontier of security in this digital age, and today, for all those organizations using traditional security solutions, especially SIEM tools, life is anything but transparent.
A major benefit of security automation and orchestration is the ability to aggregate and consolidate a variety of information from multiple sources in a single console. That way, customers can easily see their security and compliance posture at a glance in one place.