When the vulnerability in Log4j happened, security teams sought the answer to a seemingly simple question: Am I vulnerable?
Answering that question led to a maelstrom of activity. Security groups requested information from vendors about their level of vulnerability and, in turn, had to respond to their customers about whether they were vulnerable. In many ways, the entire exercise seemed more about legal obligations than making people more secure.
The deluge of information — some of it useful, some of it useless — highlighted the need to rethink how we are doing security in the future.
We’re living in a chaotic time. With a possible recession, technology companies trimming their ranks, and businesses pushing further into the cloud and adopting more automation and AI, security teams need to re-evaluate. Do they just follow the traditional playbook without thinking why? Or do they improve what they are doing to make security better?
Here are some focus areas to reduce chaos and increase overall security effectiveness.
Simplify for Greater Visibility
Gaining visibility into your applications and infrastructure is essential. Companies expanding their use of the cloud and converting applications to cloud-native infrastructure often see initial growing complexity because of a period of redundancy and hybrid infrastructure.
Pushing beyond that stage provides both cost and security benefits. Limiting the use of third-party tools to capture and analyze data for security teams is important. There’s really no reason to, say, pull NetFlow data off the cloud infrastructure, when that same data
Read more