Organizations are reinventing how they build and maintain their network infrastructures, primarily driven by developments like digital transformation, Work from Anywhere (WFA), and the adoption of cloud computing and Operational Technology (OT) devices. While these changes provide businesses of all sizes and industries with the flexibility and adaptability today’s digital marketplace requires, IT and security professionals are now responsible for protecting their enterprise’s people, data, and devices across a highly distributed—and constantly expanding—environment. At the same time, the threat landscape is changing at a rate we’ve never seen before, with cybercrime increasing in sophistication and bad actors finding more ways to infiltrate networks.
Historically, many businesses built their networks first and later layered security on top. Yet today—with an estimated 76% of organizations embracing a hybrid approach to networking—using this method results in a poor user experience, architectural complexity, increased risk, and difficulties with maintenance and troubleshooting. This rapid evolution occurring within enterprises and across the threat landscape requires a modern approach to both networking and security—one that offers end-to-end visibility, better performance, and peace of mind—so enterprises can identify and react quickly and effectively in response to the unexpected.
To achieve this, organizations have begun converging networking and security. This allows them to tie security to operations so that rapid network changes are automatically protected, and to quickly deploy secure connectivity when and where it’s needed across their IT and OT environments. They’re also increasingly adopting a consolidated approach to security, using technologies from only a few vendors and managing those through a small group of integrated platforms instead of implementing a collection of dozens of disparate “best of breed” products. These shifting perspectives on and approaches to networking and security are crucial to meet new demands as organizations, and the threat landscape, continue to evolve at an unprecedented pace.
Laying the Foundation for Secure Networking
“Secure networking” is location-, device-, content-, and application-aware networking. And it consists of several vital components.
The next-generation firewall (NGFW) is foundational to secure networking, providing control points across your entire infrastructure. But the most significant change in networking today is the move toward distributed firewalls as organizations look to add cloud firewalls and firewall-as-a-service offerings to their technology portfolios. Gartner calls these distributed firewalls hybrid mesh firewalls and predicts that by 2026, more than 60% of businesses will use them. Maintaining a single policy across all these firewall use cases will be essential as organizations’ networks continue to expand.
Secure Software-Defined Wide Area Network (Secure SD-WAN) technology is another essential component of secure networking, as it optimizes the application experience. Once you’ve implemented and deployed Secure SD-WAN, users and devices can securely access critical resources anywhere on the network. Additionally, SD-Branch extends SD-WAN functionality by combining it with branch networking to secure your remote premises. Secure Access Service Edge (SASE) extends enterprise-grade security to your remote users. And universal zero trust network access (ZTNA) applies the zero-trust security model to all applications.
Consolidating Vendors to Enhance Network Performance, Security, and Efficiency
Traditionally, companies have often taken a point-product approach to security, procuring “best of breed” products that have their own respective operating systems, management consoles, configuration requirements, and alert structures. This results in an array of operational complexities for teams, increasing the time it takes for IT and security practitioners to simply learn new features and dashboards, let alone correlate threat intelligence to discover threats. And these complex environments make it impossible to achieve automation, which is now table stakes for mounting a timely response to today’s threats.
Fortunately, enterprises are beginning to recognize the benefits of consolidating technology vendors and transitioning to a platform approach to manage all products. When you purchase products from just a handful of vendors who work together as part of an open ecosystem, you get technologies designed to work together. These technologies can more easily exchange policies, security, and threat intelligence and standardize configurations, making it easier for SOC teams to harness the power of security orchestration, automation, and response (SOAR) solutions.
Embracing an OT-Aware Security Strategy
It’s easy to assume that OT is only relevant to select industries such as manufacturing, but the reality is that nearly every enterprise today relies on OT devices. While more security features are being built directly into OT technology, sweeping changes in native OT device security won’t happen overnight. Yet OT is especially vulnerable to cyberattacks, with a recent survey showing that 61% of breaches impacted OT systems.
That’s why it’s up to enterprises to build a defensive layer around the OT components of their networks—from on-site badging systems to temperature sensors in data centers—to operate those technologies securely. A layered approach is critical for securing OT devices. In addition to using NGFWs, adding capabilities such as Network Access Control (NAC), data segmentation, and micro-segmentation can enhance the security of OT devices on your network, enabling the critical transition from implicit trust to a zero trust model.
Working Toward a More Secure Future
Today’s networks will only grow more complex over time. That’s why the convergence of networking and security, the consolidation of technology vendors, and a focus on OT security are essential underpinnings of any organization’s success. These concepts help organizations strike the right balance between performance and security, laying the groundwork for enterprises to adopt new technologies without worrying about managing the risks associated with innovation and experimentation. This modern approach is foundational for any enterprise that wants to build a more secure—and prosperous—future.