Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Achieving “Frictionless Defense” in the Age of Hybrid Networks

A “frictionless defense” is about integrating security measures seamlessly into the digital landscape to safeguard against threats while ensuring a positive user experience.

DDos Attacks

When we say “frictionless” in cybersecurity conversations, it’s sort of a loaded term, right? We know that there is no magic bullet to deploying security that will work 100 percent, 100 percent  of the time. And “frictionless” certainly does not mean effortless.

That said, we do want to make sure that our systems are effectively architected to protect against threats, and ideally we want to make sure we can get to that point as quickly and as easily as possible. Especially given that in 2023 we saw the cybersecurity workforce shortage rise to nearly 4 million, a 13 percent increase over 2022, according to ISC2 data.

We must also take into account the fact that our networks are more dispersed than ever, with more organizations moving away from on-prem networks to cloud-first or hybrid environments; a move that even Gartner has long predicted would reach as high as 95 percent by 2025. Unbelievably that’s only 12 short months away.

So how do we ensure that we are set up to quickly and easily see and understand what has happened – and what it has happened to – so that we can take action as needed? This is at the heart of what we mean by “frictionless defense.”

We want to get to the ground truth of what is happening on our network. Whereas once we were able to do this by deploying external supporting infrastructure like taps, aggregators, or decryptors to support legacy on-prem networks; now we must look at ways that we can get to this information through other data sources and via integrations. In fact, integrations are pivotal in creating frictionless defense because they can bring together diverse security tools and systems that you already have deployed to work together harmoniously. This can then lead to automated responses, enhanced visibility, and a more seamless user experience while maintaining a robust security posture.

For instance, using flow-based analysis, rather than relying on packets, offers the ability to scale and extend across modern distributed infrastructures, like cloud, multi-cloud and hybrid environments, in ways that legacy on-prem solutions that often rely on DPI cannot match.

And while integrations are key in implementing and maintaining a frictionless defense posture, cloud-first and hybrid networks differ from on-prem networks in the inherent characteristics and management approaches associated with each. Cloud networks typically emphasize API-driven, scalable, and centralized management, whereas on-premise networks often rely on diverse, sometimes legacy, systems that require careful integration.

Similarly, frictionless defense in the cloud must account for the dynamic nature of cloud resources, allowing security measures to scale seamlessly as resources are provisioned or deprovisioned versus on-premise networks which might require additional hardware, configurations, and manual adjustments, which can be more difficult to scale and could introduce more friction and complexities.

Advertisement. Scroll to continue reading.

Additionally, cloud networks prioritize automation for scalability and rapid responses to security events, while on-premise networks might involve more manual intervention, which, given our points earlier on talent shortage, could prove more challenging.

When it comes to tools and which vendors to integrate with, cloud networks must often rely on native cloud services and platforms provided by a single CSP, while on-premise networks may incorporate multiple vendor solutions, which can again, lead to potential complexities in integrations.

Investing in a solution that can integrate within the existing infrastructure – whether that is cloud, multi-cloud, hybrid or even on-prem – should ultimately give your security team the visibility into what is happening on your network and what it is happening to. You create a means of visualizing all of the data all in one place and that you can operationalize. This is what “frictionless defense” truly means: creating a secure environment that operates smoothly and efficiently without compromising on protection. It’s about integrating security measures seamlessly into the digital landscape to safeguard against threats while ensuring a positive user experience.

Written By

Matt Wilson is the Vice President of Product Management at Netography. Over his 25+ year career, Matt has held senior technology leadership positions across numerous industries including Neustar, Verisign, and Prolexic Technologies. With a rich background in innovation and go-to-market strategies, Matt has been a critical leader in helping many companies conceptualize solutions from the customer lens and drive them to market with significant impact.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.