Everyone who has experienced a breach has had to have an “uncomfortable talk” with their employees or customers at some point. Telling people who know and trust your brand that they are at heightened risk is never a fun or easy discussion. I know, as in my past life at the U.S. Department of Homeland Security and serving the National Security Council, I shared in the thankless mission of helping agencies and companies to respond to, and recover from exactly these kinds of breaches.
It’s a glaring reality for businesses and government agencies that, despite upgrades to their IT infrastructure, security hasn’t kept pace. Networks could be protecting millions of customers’ data or enabling global operations, but most often organizations still have struggled with moving beyond legacy architectures and appropriately addressing their risk posture. For example, businesses that have undergone mergers and acquisitions face circumstances where old networks are bolted on to existing architectures, joining legacy systems to modern IT environments often with little thought to the new risks that are introduced. The fallout is that breaches repeatedly continue to take place exposing bank accounts, e-mail correspondence, and personally identifiable information.
The solution from both a government and a business standpoint is to work to simplify and strengthen network architecture, risk management practices, and cybersecurity strategy.
Architecting a network to focus on preventing breaches is the first step. Beyond static perimeter defenses, organizations need to think about disrupting cyberattacks at multiple points along their lifecycles. At Palo Alto Networks, our platform approach looks to safely enable applications and provide heightened visibility into user access and content across the network from the perimeter to the endpoint. This integrated approach allows for multiple opportunities to prevent initial intrusions, as well as stop the damaging release of private data.
The second step is for organizations to simplify and strengthen their risk management practices. Leadership should be fully aware of the business and mission risks cyber threats pose and work to focus appropriate resources toward addressing these risks. In corporations this means that CEOs should take an active role in building a risk management approach to cyber threats. Many governments are also moving important legislation forward. In the U.S., government agencies received two new legislative tools earlier this year that codify DHS as the lead for identifying and addressing cybersecurity risks, backed up by OMBs budgetary and oversight hammer to drive stronger cyber risk management practices across the Federal IT enterprise.
Finally, organizations must build a cybersecurity strategy focused on preventing, rather than simply responding to, breaches. In order to disrupt modern adversaries, organizations have to leverage advanced analytics and automation to clear away the cyber threat noise and focus on addressing the biggest risks first. The Palo Alto Networks Security Platform uses our threat intelligence cloud to enable automated prevention of breaches. Security elements such as ourWildFire service and AutoFocus analytics tool enable automated prevention and advanced threat detection for our private sector and government customers.
As more and more organizations suffer breaches involving customer or employee personal data, we must address these cybersecurity challenges by finding effective ways to simplify our security efforts making them accessible to a wide range of organizations. Whether government agency or pizza parlor, these organizations all hold our personal data and face similar challenges that can be addressed by developing sound network architectures, risk management policies, and cybersecurity strategies. The alternative is a world where we are forced to walk away from the benefits of a digitally connected society. Imagine having that talk with your customers…
[Palo Alto Networks Blog]