Defenders need to increasingly rely on agility in cyberspace
The majority of cyber adversaries have already embraced agility as critical to their cyberattack operations, moving quickly and efficiently to exploit global events, vulnerabilities, the expanding digital attack surface and more.
In addition, as cybersecurity technology has improved, it has forced cyber attackers to adopt exceptionally agile operations. In response, defenders need to elevate agility beyond a design principle and make it a true end-goal, whereby agility is woven into a cybersecurity strategy and architecture.
That’s according to Phil Quade, the chief information security officer at Fortinet, a global leader in IT and OT security solutions used by telecommunication firms, financial companies, critical infrastructure operators and government. Quade has seen the emerging attack techniques up close and from the front lines, particularly in the roles he previously held during a 34-year stint at the U.S. National Security Agency.
Attackers use agility as a strategy and a goal, Quade said in a CyberScoop podcast underwritten by Fortinet. He reflects on the dramatic shifts this year to securing remote work and on the future of an expanding digital attack surface, a sophisticated threat landscape and the cyber skills gap.
Access management agility
One way for security personnel to fend off attackers who are “living off the land” inside their networks is to recognize that wireless access and mobile connectivity are the new reality. Network defenders can no longer rely only on mainframe computers with hardwired workstations.
Hundreds of millions of internet-connected devices need to access government and corporate networks with the correct permissions and appropriate levels of trust, according to Quade.
“That’s going to take quite a bit of an agility posture, to be able to recognize what to trust and what to not trust, and which ones to maybe watch for [until] they earn your trust,” he said. “That’s an example of network access control agility. It’s really going to be pressed upon us by the flood of devices joining us at this new edge that is emerging.”
Cloud technologies do a lot of things, including aiding cost savings and facilitating a simplified data oversight process. Chief among those benefits, though, is helping the shift toward agility.
Companies now need to be able to call on their own data centers for the things they do best, such as safeguarding high assurance applications or keeping up the high speed of low latency tools.
“Now, the very best organizations are going to be the ones who have enough agility on a moment’s notice to swing toward their own private data center, their own private cloud or any of the public clouds,” Quade said. “They are available. That’s multi-cloud ability, the ability to recognize what’s the most efficient and effective means to leverage this great powerful capability to do so at the right place and in the right time.”
Organizations are working to manage encryption and data protection while also working with large supply chains. It’s a pressing issue that demands attention from leadership, particularly as concepts like quantum computing force security leaders to consider whether new technologies will threaten existing tools.
“What that means is that a company or organization needs to have the flexibility and confidence to switch to different cryptographic algorithms, schemes or keys at a moment’s notice if there is, for example, a key compromise, or if there’s a sudden reason to change algorithms,” Quade said.
Listen to the podcast for the full conversation on the need for agility and flexibility in IT security. You can hear more coverage of “IT Security Modernization” on our CyberScoop radio channels on Apple Podcasts, Spotify, Google Play, Stitcher and TuneIn.
This podcast was produced by CyberScoop and underwritten by Fortinet.
Phil Quade worked at the National Security Agency for 34 years in a variety of top leadership roles before joining Fortinet nearly four years ago.