Budgeting for IT Security: 3 Technologies Worth the Spend

The IT security landscape is continually evolving. In 2020, COVID created even more hurdles, accelerating changes to — and the importance of — remote infrastructure, user security awareness, and ransomware prevention.

With cyber threats increasing and becoming more advanced, organizations need to consider which IT security investments will help them protect data and systems most effectively in 2021.

More than 50 percent of organizations are currently investing in automating policy management to safeguard against inefficient and risky functions and 79 percent say they’ll implement security orchestration and automation within two years to improve agility and responsiveness.

— Firemon, The Future of Network Security, 2021

Automating security workflows streamlines repetitive, manual tasks that take up precious human resources. And, let’s face it, talent retention is a lot higher when trained experts are not wasting their time on menial tasks.

If security automation is so great, why isn’t everyone doing it? Historically, implementation has been difficult. Building automation between disparate tools is a challenge that requires expert knowledge (and we have been in a cybersecurity talent shortage for the past decade). For those who still don’t have the internal resources to deploy automation in house, many automation solutions are now available that make successful, cost-effective adoption much easier.

Processes that can be automated include monitoring and detection, data enrichment, incident response, user permissions, and business continuity.

Before investing in automation, ask:

  • What is the scope of automation (i.e., an entire system or a simple process)?
  • How many programmers and/or consultants will be required?
  • How many tools does your organization have, and do they have flexible APIs?
  • Based on the answers given so far, what will be the total project cost?
  • Rather than building automation in house, is it more cost-effective to buy a security automation solution?

Robotic process automation (RPA); security orchestration, automation, and response (SOAR); security information and event management (SIEM); and public key infrastructure (PKI) certificate and key management are all examples of security automation.

Each has its own benefits, but, in general, the advantages of security automation include:

  • Minimizing security experts’ involvement in repetitive tasks
  • Reduced chance of human error
  • Scalability
  • Predictability

45 percent of organizations plan to implement Zero Trust in the next 12 months, adding to the 17 percent of organizations that have already begun this process. The biggest drivers are a greater need for secure remote access (72 percent), reducing cybersecurity risk (70 percent), and supporting the transition to cloud architectures (51 percent).

— Firemon, The Future of Network Security, 2021

COVID-19 accelerated the push to invest in Zero Trust architecture, which touts the philosophy: “never trust, always verify.” When it comes to cybersecurity, trust is a vulnerability. Zero Trust architecture protects IT environments by leveraging network segmentation, preventing lateral movement within the network, providing Layer 7 threat prevention, and simplifying user access controls.

While security experts will tell you to “invest” in Zero Trust, there aren’t any Zero Trust products you can actually buy. It’s all about building upon the existing architecture. Deploying Zero Trust is broken down into five steps:

  • Identify the protect surface
  • Map the transaction flows
  • Build a Zero Trust architecture
  • Create a Zero Trust policy
  • Monitor and maintain

The benefits of Zero Trust include:

  • Visibility and context into traffic (e.g., users, devices, location, applications)
  • Reduced threat surface
  • Optimal use and authority of authentication
  • Reduced ability of hackers to move laterally within the network and/or exfiltrate data
  • Protection against internal and external threats
  • Improved on-premises and cloud security postures

85 percent of organizations have either already implemented a SASE platform or plan to do so within two years.

— Firemon, The Future of Network Security, 2021

Secure access service edge (SASE) is a network architecture that combines software-defined wide area networking (SD-WAN) and security into a single cloud service. Its goals are to simplify WAN deployment, improve efficiency and security, and delegate appropriate bandwidth to applications.

As the cyber threat landscape and the remote workforce expand, SASE can help organizations evolve their security measures and access control over networks and technologies.

The benefits of SASE include:

  • Consistent data protection
  • Reduced costs from consolidating physical and virtual appliances into one cloud-native solution
  • Hyper-scalability within WAN infrastructure
  • Easy management
  • Greater visibility and control of data usage
  • Edge-to-edge security

This is just a snapshot of the emerging and critical technologies organizations can implement to improve their security postures in 2021. Organizations will need to determine what processes and products work best for them based on size, budget, business goals, and resources; however, one thing is certain: bad actors will never stop attempting to steal what isn’t theirs. Businesses in every industry should stay on top of the latest technologies and strategies to protect confidential data and systems.

This article was originally published by Paul Ashe on LinkedIn.