It was a great time at the Gartner Security & Risk Management Summit last month in National Harbor, MD. Good to see old friends and make new ones.
It's been a dirty little secret among those of us in the security industry that there are two types of security solution providers: those who scare the market about threats and attackers in order to sell some of their wares, and those who are collaborating across companies and really trying to create something valuable in order to make the world a safer place.
This year’s Gartner Security Summit was filled with security practitioners who fall into the latter category. The Summit paid special attention to the latest threats, flexible new security architectures, governance strategies, the CISO role and more. While there, I attended several insightful sessions by great security minds including Greg Young, Adam Hills, Neil MacDonald, Craig Lawson, Eric Alhm and Jeremy D’Hoinne that focused on the changing security landscape and left me feeling quite inspired about the future of our industry.
There’s little doubt that the way we interact with security has evolved greatly over the past few years and decades. We used to live in an age where we trusted everything inside the Local Area Network and nothing outside of it – hence why everything in security was about prevention.
In the last few years, as a darker threat landscape has emerged and user consumption and utilization of the network has changed, the spotlight has turned to detection and enforcement across networks and companies. This is an important shift and one that should be changing the way that we think about security.
The analyst presentations at the Gartner Security Summit laid out different aspects of security in a predict, prevent, detect and enforce framework. They discussed how these four core principles of security are crucial to any successful security implementation, and are a helpful guideline to follow when discussing the optimal installation.
It was great for us to have conversations that aligned all different aspects of security across the threat landscape, including next-generation firewalls, threat intelligence topics like automation, and integrating security in DevOps culture. While these disparate security applications and ideas may not seem immediately related, they all pertain to the greater conversation about the current security landscape and where things are headed in our industry.
The common thread in all of these sessions was that there needs to be a new goal in the security industry. No matter which part of security you are looking at, we have to evolve to a space where there is real-time information exchange that feeds into algorithms for better prediction or notification of an event. This information could create prevention across all high-risk sites around the world, as well as the ability to detect and enforce at the most effective point.
Real-time information exchange is essentially the ability to dynamically consume data from your entire network and then act upon that data at any point. This kind of insight into the network is extremely valuable and can drastically improve response times to threat detection as well as enforcement. By using this real-time information exchange, we can take the predict, prevent, detect and enforce framework to a whole new level of network security. Let the information exchange begin!