Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. By delivering an integrated platform and empowering a growing ecosystem of partners, Palo Alto Networks at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. In an interaction with Manoj Jha, Editor, SmartStateIndia, KP Unnikrishnan, Vice President – Marketing, Japan & Asia Pacific, Palo Alto Networks, reveals the transformation of security landscape and emerging technologies in 2021.
How is the security landscape transforming?
Cyberattacks are becoming more sophisticated with cybercriminals combining multiple techniques including malware, ransomware and social engineering to compromise data. There is no organisation that is not vulnerable to cyberattacks.
Cybersecurity companies need to be a step ahead of attackers. Today we have a host of new technologies that are helping us in this mission such as blockchain, AI/ML, and big data analytics. With increased cloud adoption, security of your data on the cloud is also critical for business continuity.
While a substantial part of the workforce is currently working from home due to COVID-19, we certainly think that remote working will continue even after the crisis is over. It means ensuring that employees can securely and rapidly connect to all their work applications remotely including SaaS, cloud and data center apps. Hence, ready-to-go cloud security solutions will continue to be of paramount importance in the days ahead.
With massive digitization happening in the industry, what is the state of security and vulnerability expanding?
The four areas to focus on are:
a) Securing remote workforce
b) Securing network transformation
c) Gaining comprehensive cloud security – full lifecycle, any cloud
d) Rewiring security operations – simply, orchestrate & automate remote SOC (Security Operation Centre)
This year will also see the evolution of IoT security for both personal and industrial IoT. From connected doorbell cameras to wireless speaker systems, we will see a growth in attack modes
coming in via unsecured apps or weak login credentials. Connected devices will need to be continuously retrofitted and updated in order to remain secure.
We believe AI-enabled prevention and protection systems will be the future of cybersecurity. These systems allow humans to interact with the AI algorithm, thus making detecting much easier. AI-enabled systems also provide insights into potential threats. Organisations can use AI and automated threat intelligence to enhance their cybersecurity efforts, automate and improve business processes, and facilitate intelligent responses to attacks based on shared knowledge and learning.
How is Cloud Computing changing the face of Cyber Security?
As a global cybersecurity leader, Palo Alto Networks is shaping the cloud-centric future with technology that is transforming the way people and organisations operate. Digital transformation will continue to alter the way companies evaluate their security needs. Our vision is a world where each day is safer and more secure than the one before.
Proper cloud security requires segmented business applications that use zero trust principles and centrally managed security deployments.
For the experienced information security professional, it seems that many of the principles that make cloud computing attractive run counter to network security best practices. What follows are the top three considerations for securing traditional and cloud-based data centers, as well as key requirements for cloud security.
Cloud Computing Does Not Lessen Existing Network Security Risks The security risks that threaten a data center and network today change once applications move to the cloud, whether in a complete migration or in a hybrid scenario in which some applications move to the cloud while others remain on premises. In fact, in several ways, the security risks faced when moving to the cloud become more
Security Wants Separation and Segmentation – The Cloud Relies on Shared Resources For decades, information security best practices dictated that mission-critical applications and data be separated into secure segments on the network. Often, this is referred to as Zero Trust: never trust, always verify.
On a physical network within the enterprise data center, Zero Trust is relatively straightforward to implement through the use of firewalls and VLANs (i.e., virtual LANs), managed by policies based on application and user identity.
In a cloud computing environment, direct communication between virtual machines within a server occurs constantly, in some cases across varied levels of trust. This makes segmentation a difficult task, especially given that cloud applications are based on the notion of shared resources. Mixed levels of trust, when combined with a lack of intra-host traffic visibility by virtualized port-based security offerings, will likely introduce a weakened security posture.
Security Configurations Are Process-Oriented | Cloud Computing Environments Are Dynamic
Virtual workloads can be created or modified in minutes. As such, cloud computing teams operate in a highly dynamic environment, with workloads being added, removed and changed constantly.
By contrast, the security configuration for this workload may take hours, days or weeks. Security delays are not designed to create roadblocks. Rather, they are the result of a process that is designed to maintain a strong security posture. Policy changes need to be approved, the appropriate firewalls need to be identified, and the relevant policy updates determined. Unless this imbalance is understood and addressed as part of the cloud migration, the result is a discrepancy between security policy and cloud workload deployment. The result is a weakened security posture that can put important data and intellectual property in danger and might also cause violations of compliance and governance policies and regulations.
Key Requirements for Securing the Cloud
● Consistent security in physical and virtualized form factors. The same levels of application control, rogue and misconfigured application handling, and threat prevention are needed to protect both the cloud computing environment and the physical network.
● Segment business applications using Zero Trust principles. In order to fully maximize the use of computing resources, it is now a relatively common practice to mix application workload trust levels on the same compute resource. The goal is to control traffic between workloads while preventing the lateral movement of threats.
● Centrally manage security deployments and streamline policy updates. Physical network security is still deployed in most every organization, so it is critical to have the ability to manage both hardware and virtual form factor deployments from a centralized location using the same management infrastructure and interface. The selected solution must be capable of spanning physical and virtual environments through a consistent policy management and enforcement framework and should include features that automate security policy updates.
What are some of the emerging technologies you are picking for 2021?
The wait for 5G is over … for those who are ready The private sector takes over from public as the latter leads the fight against COVID-19.
● While 5G networks may have been introduced in a few markets already, the availability of the iPhone 12 will see the mass adoption of 5G-enabled devices for the first time.
● This will undoubtedly encourage the acceleration of 5G network rollouts in more countries as telcos seek to deploy new services for consumers and governments tap digital opportunities for economic recovery in 2021. However, it will still be a while before we experience the reduced latency and exponential growth in speed that has been promised.
● Meanwhile, enterprise adoption of private 5G networks is accelerating in a big way.
Working from home gets smarter and safer :
Security will get pushed to the edge and simplified
● Companies everywhere scrambled to implement a variety of measures to facilitate remote working amidst the abrupt lockdowns and social distancing measures. In a matter of weeks, digital transformation moved from “tired buzzword” to an “adapt to survive” necessity.
● From unstable VPN connections to physical fobs and digital keys, a significant number of these solutions rely on legacy technologies and were never designed for numerous, simultaneous connections. Many of these were also only ever meant to serve as short-term fixes or were too complex for employees with limited understanding of the cybersecurity implications.
● If 2020 has taught enterprises anything, it’s that remote working on a company-wide scale is possible. With people at the centre of everything, 2021 now offers an opportunity for businesses to chart a new way forward and ask how they can deliver work to their people.
The year of getting the house back in order
Blue-sky thinking will go out the window as IT teams go back to basics
● This wider move to the cloud beyond light-touch functions, such as email, will see more work being virtualised and force many companies to review the security of their existing cloud environments.
● While network security controls remain an important component of cloud security, an additional layer of identity and access management (IAM) governance is now needed as organisations continue to scale their cloud presence.
● This year, Palo Alto Networks Unit 42 researchers observed that a single IAM misconfiguration could allow attackers to compromise an entire, massively scaled cloud environment and bypass just about every security control.
● Overall, our findings indicate that these identity misconfigurations are prevalent across numerous cloud accounts and represent a significant security risk to organisations, with the potential to impact entire environments, with thousands of workloads, in less than one week.
Unravelling the misconfigurations
● With the pandemic steering IT teams away from blue-sky thinking towards more nuts and bolts issues, 2021 will see more businesses shifting their IT focus inward to look at getting the fundamentals right and refocusing on things that are truly important, even finding ways to do the same thing for less.
● Doing so will likely see existing cybersecurity teams and roles being redesigned to align with an overall emphasis on getting the house in order and building a more resilient cloud environment.
● In 2019, Bain & Company and Facebook estimated that 310 million people in Southeast Asia would be shopping online by 2025.This milestone is set to be achieved by the end of 2020, due to COVID-19. The pace at which enterprises – and entire industries – are moving applications and data to the cloud, notwithstanding the complexity of the hybrid multi-cloud environment, a significant proportion of this work will have to be automated.
● Security now needs to work at the speed of the cloud, and any organisation that is slow to recognise this in 2021 will only see vulnerabilities multiply exponentially.
What are some of the longer-term goals for Palo Alto Networks?
Palo Alto Networks mission is to be the cybersecurity partner of choice, protecting our digital way of life. We do this through a multi-pronged approach:
- Understanding the business challenges of our target audiences who could be DevOps and SecOps professionals or senior executives. They have different priorities – running a remote workforce securely, accelerating shift to the cloud or reducing costs – and our marketing strategy is woven around these priorities.
- Improving cybersecurity education: Few people outside of the tech world know more than what they see in the headlines. Hence cybersecurity education must precede any marketing initiative. Here again, we tailor our education according to different target audiences – CEOs, the board, technocrats, users, academia and governments.
- Get them to touch and feel it. We run programs that allow our prospects to understand our technology, get comfortable with it and see first-hand how it works before they purchase our solutions. Our tools give visibility on existing breaches in their environment, so they can assess threat exposure.
- Appreciating the sense of urgency: Companies have started to take cybersecurity seriously. But many have still not prioritised it. We work with them tirelessly to help them to understand the need to act quickly and decisively.
- No ambulance chasing: We steer clear of scare tactics. It is easy to feed into the growing fear but our approach has always been one of consultation and strategic planning so that a business can continue to focus on their core activities without worrying about security.
In summary, our strategy is to help industry, academia and government organisations be more cyber-savvy and improve their cyber prowess to have a breach prevention- based infrastructure.