The speed at which cyberthreats have been targeting enterprise networks and endpoints is forcing IT leaders to change the way they think about cybersecurity.
One alternative to how enterprises look at security is to treat cloud as an operating system, says Patrick Morley, general manager of VMware Carbon Black, the company’s newly formed security division.
Tom Corn, VMware’s vice president of security products, who joined the discussion, also believes CISOs should rethink cloud’s role in application and network security.
VMware, in fact, recently acquired Carbon Black in order to expand its security offerings across all applications, cloud environments and devices. This approach to security was reinforced by VMware’s CEO Pat Gelsinger at the company’s Public Sector Innovation Summit earlier this year. “It turns out it’s much easier to determine deviations from good behavior than from bad behavior,” he said.
In the interview, produced by CyberScoop and underwritten by VMware Carbon Black, Morley and Corn touched on ways the cloud is reshaping CISOs’ approaches to security:
Enterprises can use cloud as a security advantage
“The cloud has some very unique properties. We think about the cloud in terms of being elastic – things becoming distributed services and highly scalable. [We] have the notion that there’s now this middleware layer in between physical infrastructure and the applications we are ultimately trying to protect…But we really haven’t, for many years, thought about how can we use these same unique properties to secure things differently, which I think is the largest missed opportunity in the security field,” Corn says.
Cloud-native security helps enterprises align their many cybersecurity tools
“[Cloud enables] these tools [to] speak a common language… It allows us to move from this bolted-on industry to a built-in industry. It could allow us to start breaking down the silos that exist today between endpoint security, workload security, and network security,” he explains.
New cloud capabilities allow enterprises to change security behaviors
“The ability to analyze a trillion events [daily] was just not possible even five years ago. And so suddenly the cloud has given the defender access to data in a way that provides them with a much more secure platform to be able to observe what the bad guys are trying to do,” Morley says.
Cloud-native security helps CISOs get the most from their current workforce
“The benefit of the cloud is that I can take my high-valued security professionals and I can focus them on the things that really matter. The alerts that really matter, the attacks that really matter, the risks inside of my environment that really matter, as opposed to just trying to stitch multiple products together,” Morley says.
Learn more about VMware Carbon Black.
Listen to the podcast for the full conversation on the future of cybersecurity. You can hear more coverage of “IT Security Modernization” on our CyberScoop radio channels on Apple Podcasts, Spotify, Google Play, Stitcher and TuneIn.
This podcast was produced by CyberScoop and underwritten by VMware Carbon Black.