This is the thirteenth in our series of cybersecurity predictions for 2016. Stay tuned for more through the end of the year.
Addressing the evolving threat landscape is a key factor in security, but organizations also want security that can keep up with the new, distributed and dynamic environments that they are building and adopting. In other words, they want to have their cake and eat it too.
In order to accommodate this shift, security will have to go where the applications, users and data are. And that’s not easy because all three are going everywhere. This new, distributed foundation is the basis for more agile and efficient IT – but it all needs to be secured to deliver benefits at an acceptable level of risk.
In 2016, this need will manifest itself in three key ways:
Develop Full Situational Awareness
Security systems that operate on IT-level context (e.g., applications and users) will become all the more relevant, as “divining” high-level activities based on low-level context (e.g., ports, protocols) is a losing proposition. In other words, higher-level information will drive better security posture.
Programmable, Adaptable Security
Security is rarely an end in itself. When we’ve come to think of it that way, it’s because it was applied to overall environments that were static in nature. Now, with on-demand, elastic environments in vogue, securing capability also has to be dynamic.
Looking Within – the Need for Segmentation
Micro-segmentation has made the topic of segmentation “cool again,” but it’s really broader than just a virtualized data center use case. And it’s not segmentation in the sense of barriers or pure isolation. Elements (e.g., computers) between segments need to interact, but it’s more like a membrane where you get to determine what gets through (in a language that you can understand) and, beyond that, how the interaction is inspected for threats.
Securing a static environment from cyberthreats may be easier to achieve, but customers want more. That’s why, even in the face of ever-increasing threats, security platforms must also account for the new, dynamic and distributed models of IT that organizations are deploying.
Want to explore more of our top 2016 cybersecurity predictions? Register now for Ignite 2016.
[Palo Alto Networks Blog]