Tufinnovate Day 2: Increased Attack Threats, Depleted Personnel, and Achieving Continuous Compliance

 

tufinnovate logo

 

“The right way to secure the network is to make zero mistakes, and that's the value of policy-driven automation.” – Ruvi Kitov, CEO, Tufin

That is one of many points made during Wednesday's keynotes at Tufinnovate, Tufin's first-ever user conference taking place this week in Chicago which hosted some of the largest enterprises in the same room, all of which are trying to solve the same problems.

Tufin CEO Ruvi Kitov started the day highlighting the major challenges experienced by the largest networks in the world, and the solutions to address network complexity, lack of visibility amid rampant cloud adoption, and the need for a central security policy to eliminate risks. In the pursuit of making security manageable, Tufin's leadership, product experts, and outside thought leaders offered insight on addressing increasingly complex security risks by mitigating the lack of manpower through policy-driven automation to empower network security professionals.

Let's take a look at the two keynotes of the day.

“Primetime Cybercrime” by Brian Krebs, author of Krebs on Security

In his keynote speech, investigative journalist Brian Krebs examined today's cybersecurity landscape from the perspective of profit-seeking online crooks, and the lessons that organizations can learn from them.

Krebs highlighted a question on everyone's mind: why do we see so many data breaches, and how bad is it going to get? This question echoes a point Ruvi made in his speech: “Every Fortune 1000 company is already compromised today.” But as Krebs said in his talk, if organizations had a better understanding of what – and who – was on their network, breaches can be better anticipated and contained. This gets at the heart of Tufin's “single-pane-of-glass” approach to network security, through protection by network segmentation and a state of continuous compliance through policy-driven automation.

Krebs noted the shortage of skilled workers in the cybersecurity industry, and the far-too-common scenario of highly skilled workers being pulled from their critical roles to perform manual or mundane tasks. So, while your security team is focused on manually updating firewall rules or troubleshooting user access, who is spending the time reviewing the data output of the security tools that your firm continues to invest in? Krebs' narrative advocated for companies to leverage the distinct and desirable skill sets of their security professionals to capitalize on their purchased security software's output rather than spend time on manual administrative tasks or ad hoc pet projects. When you have the right people in place, says Krebs, they can respond to a security incident before it becomes a major breach.

Lastly, as Krebs highlighted a few ways that organizations can help protect themselves from becoming the next victim of a security breach, he noted compliance. Compliance is good, but it's not enough. According to Krebs, “If you're just doing compliance, you're not going to get ahead of the bear.” At Tufin, a common pitfall we see regarding compliance is that organizations only worry about passing an audit. Once the audit is over, achieving compliance becomes an afterthought. Krebs says that's not good enough, and we at Tufin agree with regarding compliance as a continuous automation-supported process rather than a single point in time.

“The Evolution of Security” by Reuven Harrison, CTO, Tufin

Next up was Tufin CTO Reuven Harrison with his take on the evolution of security.

It wasn't too long ago that security wasn't as complex as it is today, and using firewalls as your only method of network security was just fine. But things have changed and we now live in a world where everyone and everything is connected to the internet. How can we secure our environments in a hyper-connected reality that is very complex and constantly morphing?

As organizations evolve their approach to network security, we sometimes see that they may overlook traditional methods of securing their networks – tried and true solutions that are still reliable even in today's complex environments. One of those methods is network segmentation – and while not a new concept – the practice remains the number one security control that exists. In fact, we saw the true power of network segmentation back in May when the WannaCry ransomware attack wreaked havoc on organizations around the globe. If you're curious how Tufin can defend against evolving ransomware and other network-based pivoting attacks, we published a “how to” in this blog.

WannaCry is just one example of how one open port or unpatched server in your network could result in a debilitating ransomware attack. That is why Reuven sees a pressing need to shift from macro to micro in terms of an organization's approach to security, and how they segment both networks, users, and applications and how they interact with one another. With the complexity and size of today's enterprise network, organizations need to understand all the smaller parts that make up the whole, their reliance and risk imposed on one another, and their potential impact on the enterprise network. Applying a detail-oriented review can ensure that your organization appropriately segments its network, while providing a consolidated policy accessible in a single pane of glass.

Reflecting on the day's keynotes, one thing is clear: cybercriminals aren't going away. In fact, they'll continue to evolve their methods, try to keep us guessing, and do whatever it takes to keep us off their path. However, it's our job to address these security threats by staying one step ahead and vigilant in applying best practices, and allowing security teams to leverage their skill sets. No matter the size and complexity of your organization, Tufin can help your network security teams ensure a state of continuous compliance while providing them with the time to ensure that they're staying ahead of the threats and not manually processing change requests.