Fly in Amber: What’s Bugging Infosec Architects?
Published on May 21, 2019 by Gabriel Torok
The life of a security architect is rarely simple. Assessing, defending and improving corporate networks requires thorough knowledge of industry best practices designed to secure critical data, combined with real-world understanding of hacker tricks and tactics meant to undermine this purpose.
As noted by the InfoSec Institute, this is an in-demand job that often comes with high expectations, odd hours and the need for constant professional evolution to stay ahead of cybercriminal threats. Complicating matters is the breakneck pace of technological advancement. The rapid rise of cloud deployments, mobile applications and IoT devices can make even best-laid security strategies seem like flies in amber — hopelessly out-of-date and effectively immobile.
Here’s a look at what’s really bugging security architects — and how they can break the mold of static security to combat emerging threats.
The Current State of Cybersecurity
There’s an infosec crisis underway. According to Infosecurity Magazine, the ongoing cybersecurity skills shortage requires a rethink of hiring priorities and best practices to ensure companies have the personnel and knowledge they need to effectively combat emerging threats. As noted by Health Care IT News, meanwhile, the impact of compromised IT environments is severe enough that CEOs must prioritize infosec even above projects guaranteed to drive ROI.
Governments are also taking action to address ongoing security issues: As the National Conference of State Legislatures points out, 28 U.S. states now require government agencies to deploy “reasonable security measures” to protect public data; 24 states have also enacted similar laws that apply to private organizations.
For security architects, the combination of limited talent pools, evolving threats and expanding legislation creates a cybersecurity landscape where the status quo isn’t enough to defend corporate networks, but forward progress is hard to find.
Don’t Bug Me
According to a recent survey from CA Technologies, 66 percent of enterprise security architects said their biggest concern was “providing consistent, end-to-end security.” Fifty-five percent pointed to creating APIs and microservices, while 39 percent worried about managing partner ecosystems and 36 percent struggled with responding to market demands.
Here’s why it’s bugging them:
- Consistent End-to-End Security — This is the Holy Grail for security architects but remains an elusive goal. Why? Because hackers now rely on a combination of new threat vectors and historically successful attacks (such as phishing and macro malware) to compromise corporate networks. Finding solutions that work both in situ and over time is challenging even for experienced architects.
- APIs and Applications — Sixty-three percent of app developers share this concern, and it’s no surprise. If hackers can compromise applications or third-party APIs by reverse engineering source code or probing and altering network traffic to find vulnerabilities, they could circumvent security checks and/or gain access to critical data.
- Partner Ecosystems — Third-party ecosystems are often corporate weak points because in-house IT can’t control the APIs and applications used. While security architects can draft agreements that include security requirements, the onus is on first-party data owners to ensure they’re in compliance with government or private industry regulations.
- Market Demands — The security landscape is constantly changing, making it difficult for architects to know when they should go all-in on security solutions and when it’s worth waiting for the next market shift. Mobile applications are a good example: The sheer number of apps now used by companies on a day-to-day basis demands robust management and agile security solutions.
As noted above, forward progress is the goal for any security architect — building better, stronger and more responsive security designs capable of keeping pace with the changing nature of infosec. But this progress can be elusive, and for many architects the lack of measurable impact can frustrate best intentions.
For security architects feeling trapped, here’s a three-step guide to forward motion:
- Measure by Movement, Not Distance — It’s not about how far you go, it’s about making progress. Why does this matter? Because infosec pros tend to prioritize perfection, but it’s impossible to ensure networks and applications are 100 percent secure. By identifying key issues that can be improved with current resources and talent — such as implementing two-factor authentication or utilizing in-app protection — architects can make measurable progress that offers direct business benefits.
- No Bug Spray is Perfect — No single solution will solve every security problem, no matter what the marketing says. End-user analytics, intrusion detection and application hardening tools each have a role to play in reducing the frequency and sting of cyberattacks, but consistent end-to-end security is only possible with multiple solutions working in tandem.
- Seeing is Believing — You can’t defend what you can’t see. For many security professionals, this is their stumbling block: Lack of visibility makes it impossible to create effective infosec policies. Tools that prioritize end-user activity, application behavior and network traffic patterns are critical to gain insight and inform long-term strategy.
It’s easy for security architects to feel trapped in the current infosec climate. Break the barrier by focusing on motion over distance, taking a comprehensive approach to application and network security concerns and prioritizing visibility as the key to effective strategy.