In previous posts we laid out seven reasons why security automation lags the rest of the IT industry. In part one of this series, we laid out three reasons, and followed those up with a post outlining four additional reasons. All seven are briefly restated here:
- Security spend is seen as an expense, not an investment.
- Security revolves around a few core concepts. Revolutionary advancement is rare.
- The nature of the security domain lends itself toward skepticism.
- Security is a high stakes arena, full of technology capable of bringing down an enterprise.
- Security is just as susceptible to data quality impediments as other domains.
- Security automation is only a realistic option at the mature end of the sophistication scale.
- Security is the easier half of security automation. Deep automation expertise is also rare.
Now let’s see what we can do about all these hurdles.
The adoption curve of the Zero Trust Architecture is a case study for points 1 – 3 above. When the architecture was first presented in 2010, it was well-received, . It made a lot of sense andcorrected serious flaws in the traditional security models. But it didn’t get implemented anywhere for a long time. It was too far ahead of the average technology estate.
At its core, Zero Trust is just the least access principle on steroids. The skeptics we all are in the security industry embraced the logic of not trusting anyone or anything in your environment. The problem was there was no way to implement the model without making users howl in protest.
Fast forward to 2019 and we see the rapid adoption of Zero Trust security solutions that make both users and security skeptics smile. The remote user experience, for example, is better, more secure, and less expensive. For remote users, connectivity is seamless, authentication and authorization are transparent, security controls and visibility are comprehensive without being intrusive, and mobility isn’t limited in anyway.
When security investments align with wider IT objectives, it bears fruit!
The remote user transformation is a bit of perfect storm admittedly, but there are many other aspects in the security operation of the average enterprise that are ripe for transformative investment. The fact that a new solution is just rehashing an old idea needs to be taken in context. Security is all about the fundamentals, and if a new solution takes a core security principle and allows you to employ it more effectively without ticking off your users, that’s a winning solution.
Points 4 ─ 7 center around a common theme: you can’t (or shouldn’t) be an expert in everything. To varying degrees, enterprises outsource portions of their IT domain because they don’t want to be experts in all things IT. Security, as a niche within IT requiring even more specialized knowledge, often gets different sourcing treatment. Many large enterprises understand (some after the fact), that security is best delivered by combining the local knowledge of in-house experts with the industry/geographic/global viewpoint of a third party provider, or “co-managed” security.
The type, quality, and scale of expertise you will receive from a security partner is, therefore, a critical concern if you hope to deploy advanced, automation-based security solutions in your enterprise. Obviously, focused security expertise forms the foundation, but experience needs to be the source of the expertise. Delivery experience, meaning on-the-ground, day-to-day operational delivery, feeds real-world results and data back into engineering/consulting/architecture teams. NTT DATA can consult/design/architect large enterprise security solutions and deliver them in-house, at scale.
Taking advantage of both the Ops and A&E security expertise a partner provides will create the confidence level required to take on the risk and expense of security automation. The confidence to know that potentially very high impact technology can be safely deployed, and automation unleashed, is the crucial ingredient in security transformation. That confidence won’t come overnight, and having a partner help you navigate the security maturity curve — both operationally and architecturally — is the best way to move forward.
Beyond the security-specific realm, there are two other essential disciplines to enable advanced security solutions — data and automation. Once again, it’s either unlikely or unadvisable to be an expert in both. Automating a few simple use cases can be achieved without high-end data maturity, but you will run out of options quickly. Advanced use cases and meaningful automation is fueled by advanced data maturity. Moreover, the right data architecture will include the appropriate measures for data security, and data security is another important dimension of building/maintaining the confidence required to innovate and transform.
Automation expertise then becomes the last element of the puzzle. Automation is a standalone specialty now, combining business process, software development, system integration, AI/ML and its own operational challenges. A security and data foundation, combined with a partner’s focused automation experience brings the ability to: 1) Quickly build an effective security innovation roadmap 2) Unlock the security value hidden in your data 3) Implement and then operate security automation, focused on maximum business value, and not just novel technology.