Overcoming Security Challenges at Mid-Market Organizations

When it comes to cybersecurity, mid-market organizations are uniquely challenged. They encounter many of the same issues that large enterprises do, but in most cases are forced to try to remedy them without the substantial budgets and IT departments that major corporations have.

According to first quarter 2021 Middle Market Business Index data from advisory firm RSM, 28% of middle market executives reported a data breach at their company in the last year, the highest level since RSM began tracking data in 2015 and a significant increase from 18% in 2019. Larger middle market organizations were most at risk, with 42% of executives at those companies reporting a breach, compared to 16% at smaller counterparts.

As attacks and adversaries ramp up, mid-market businesses find themselves in a battle to sustain their growth and security budget. Because these businesses face a shortage of security talent and lack the deep pockets to pay the high salaries demanded by top-level security professionals, security positions often go unfilled and the responsibilities associated with them are assigned to other staff members who are already overworked and wearing too many hats. In other cases, these positions get filled by less-qualified candidates. Either way, the organization is at risk of increased vulnerability to security breaches.

Another challenge is the siloed nature of security tools. The effectiveness of an organization’s security program on the operational side is often inversely proportional to how many times IT professionals have to switch screens to figure out what’s going on. If you do not have a highly scalable and optimized security infrastructure backed by a qualified team to analyze threats in near real-time and respond, you are at significant risk and disadvantage – no matter how much technology you buy.

The pandemic and resulting economic downturn of 2020 exacerbated these issues. When countless companies throughout the world were forced to shut down, mid-market organizations with outdated infrastructure were unable to scale down in response. They overpaid for technology, licenses and features they no longer needed at a time when they couldn’t afford to waste valuable budget dollars. Moreover, with the majority of staff forced to work from home, users were accessing the network and data from everywhere, making the challenges of protecting assets even greater and requiring an increasing number of resources.

Outsourcing and the evolution of security service providers

What is a security-threatened, budget-constrained, short-staffed mid-market company to do? Many organizations are led to the decision to fully or partially outsource the day-to-day operations of their security program. For the past 20 years, this meant hiring a Managed Security Service Provider (MSSP). While doing so took some of the security management responsibilities off of the in-house IT team, it was not without its flaws. In order to remain profitable, most MSSPs rigidly deliver “cookie cutter” solutions. They are paid to monitor a dashboard and if there are any concerns, they simply alert the company to the issue. It is a best-effort model wherein the customer still remains very much engaged – thus delivering little real value.

Today, the MSSP is slowly being replaced by Security as a Service (SECaaS). With this new and improved “all-inclusive” delivery model, the service provider integrates their security services into the corporate infrastructure on a subscription basis. In most cases this is more cost effective than it would be for the midsized organization to manage its own security, particularly when total cost of ownership is considered. With SECaaS, the organization no longer has to worry about purchasing and managing infrastructure, tools and licenses. Instead, it is protected by a provider that partners directly to provide everything needed – tools, expertise, staffing – to deliver next-generation security services in a pay-as-you-go model.

This new model delivers immediate value by completely lifting the day-to-day security management off the IT department. And when the business needs to scale up or down quickly in response to seasonal or other shifts in demand, it can simply add or remove services as the business requires while still delivering the desired security outcomes.

In today’s world where the unpredictability of life comes at you fast, organizations must have the mindset that “IT comes at you faster.” IT must have the ability to immediately respond, support and thrive under whatever circumstances the organization is experiencing. It is imperative that organizations adopt a zero trust model, which trusts no one and requires continuous verification and multi-factor authentication for anyone trying to access the network. Mid-market companies that partner with the right SECaaS provider can gain peace of mind by relying on their vendor to update settings based on current threats.

For advice on how your midsized business can overcome its security challenges and adopt a zero trust model, contact the experts at Lightstream. As a networking and cloud company that integrates security into everything we build, we specialize in 24x7x365 network monitoring, detecting, protecting, analyzing and remediating security issues. We’ll help you manage costs effectively, reduce complexity and improve the efficiency and efficacy of your data center, network and cloud security.

The Annual Performance Review for your Cloud Environment

Where is your organization in its cloud journey? Perhaps you facilitated its migration to a cloud architecture several years ago and so far, it seems as though everything is operating like a well-oiled machine. Or maybe you’ve only recently begun moving applications to the cloud and are still discovering the features and benefits offered by the major cloud service providers (CSPs). Or like many enterprises, you may now be moving past cloud migration and on to strategy.

Regardless, our experience with a diverse mix of cloud users from across all industries and at varying levels of cloud adoption has taught us something all users have in common:

There is always room for improvement.

That’s right. No matter how smoothly you think your environment is running or how much you’ve managed to improve processes and increase your organization’s efficiency, you have the opportunity to do it even better. Here’s how.

Establish a Well-Architected Framework from the start

For those in the planning phase of cloud migration, you will want to partner with a provider that uses a set of standard best practices to plan and implement your cloud environment. Amazon Web Services (AWS) and Microsoft Azure have both labeled these best practices The Well-Architected Framework, which consists of five pillars of architecture excellence:

  1. Cost Optimization
  2. Operational Excellence
  3. Performance Efficiency
  4. Reliability
  5. Security

When architecting technology solutions on AWS and Azure, incorporating these pillars into your architecture helps produce the most secure, high-performing, resilient and efficient infrastructure for your applications. This not only allows you to focus on the other aspects of design, such as functional requirements, but it also helps ensure that you’re building a system that will meet your expectations and requirements.

Maintain the most stable and efficient systems

Your cloud environment is ever-changing. Between new instances, changing security groups, and updated service offerings, it can sometimes feel impossible to stay abreast of the latest and greatest. That’s why whether you’re a cloud newbie or a veteran, your business will benefit from conducting a Well-Architected Review every 12 months. The Well-Architected Review is a systematic approach to evaluating AWS and Azure architectures in order to identify and fix potential issues with the environment and guarantee that it is optimized for financial and operational efficiencies.

It can be difficult for time-crunched and overburdened IT departments to successfully perform these reviews. Outsourcing some of the more time-consuming and complex tasks of cloud management has become an attractive option for many organizations. Lightstream Cloud Managed Services offers its customers the annual performance of Well-Architected Reviews as a proactive way to shed light on any security, operational and performance issues, as well as to make sure that the organization is maximizing every opportunity for savings and automation.

Lightstream’s four areas of key management for cloud platforms are security, finance, technology and operational expertise. These key areas just happen to align perfectly with the pillars of architecture excellence that AWS and Azure abide by, which to reiterate are security, cost optimization, operational excellence, performance efficiency and reliability. The fact that Lightstream’s core values are so in sync with those of the major CSPs has become a major benefit to our customers.

Gain a competitive advantage

Ensuring that your infrastructure is optimized and up to date can give your business a competitive advantage in the marketplace. In general, Lightstream Cloud Managed Services customers are better positioned to achieve five business outcomes after undergoing a Well-Architected Review:

  • Reduce costs
  • Increase revenue
  • Ensure compliance
  • Go to market faster
  • Increase the quality of products or services

Harnessing the speed and agility offered by the cloud is the first step. But with those advantages come risks such as misconfiguration, security threats and financial and operational inefficiencies. If you’re not proactive about avoiding these risks, you open your organization up to multiple vulnerabilities that cybercriminals and competitors are waiting to capitalize on. Therefore, the question is not “can I afford to maintain a Well-Architected Framework?” but, “can I afford not to?”

To learn about how Lightstream Cloud Managed Services can help your enterprise identify and remediate security vulnerabilities, improve compliance, technically right-size applications and reduce your cloud spend, contact us today or visit http://lightstream.tech.

The Role of Hybrid Connectivity and AWS Direct Connect in a Post-Pandemic World

It’s no secret that the role of technology in our lives – and our livelihoods – has grown exponentially since the pandemic began in early 2020. The internet became our lifeline for entertainment, remote working, education, shopping for everything from groceries to PPE, and for staying in touch with friends and family. The businesses that survived did so not by luck, but by racing to transform their operations and digitize their services. Restaurants all over the world were forced to close their doors, but many were able to continue to serve their customers by putting their menus and ordering services online and providing contactless payment and delivery. Grocery stores had to establish virtual shopping carts to give home-bound people access to much-needed food and supplies. Schools and enterprises with once bustling offices and classrooms had to make a dramatic shift almost overnight in order to facilitate entirely remote workforces and student bodies.

All of this was made possible by the cloud. Cloud service providers (CSPs) like Amazon Web Services (AWS) and Microsoft Azure saw unprecedented demand, with cloud spending increasing to $39 billion. Caught off guard, IT professionals everywhere scrambled to ramp up network connectivity so that it could support this new normal. They had to not only facilitate business processes in the cloud, but they had to do so via fast, reliable and secure connections. Staff members needed uninterrupted access to mission-critical apps no matter where they were located. Employees and students alike needed full virtual access to their desktops, and the data needed to be secured to ensure compliance with regulations. Restaurants and retailers had to protect valuable customer credit card accounts. Smooth customer experiences were integral to business survival. And organizations couldn’t afford exposure to attacks during an already tumultuous time.

An uncomplicated, efficient solution

For many of these organizations, the answer came in the form of hybrid connectivity, or dedicated network connections from premises to cloud. AWS Direct Connect for example, enables private connections between AWS and customer data centers, offices or colocation environments, which increases bandwidth throughput and provides a safer, more consistent network experience than internet-based connections. Businesses with strict regulatory requirements that demanded the use of private connectivity were able to build hybrid environments with services such as AWS Direct Connect that allowed them to continue utilizing their existing infrastructures.

Elasticity is another benefit of AWS Direct Connect, as it provides 1 Gbps and 10 Gbps connections, and you can easily provision multiple connections if you need more capacity. Many organizations were even able to reduce their bandwidth costs by transferring their data to and from AWS directly instead of via their ISP — a major perk during a time of economic crisis.

Preparing for the future

As we begin to emerge from the pandemic, many enterprises are bringing their employees back to the office. However, a recent study from the Becker Friedman Institute in Chicago predicts that 20% of workdays will continue to be work-from-home (WFH) after the pandemic ends, compared with just 5% before. According to the study, this shift can be credited with better-than-expected WFH experiences, new investments in physical and human capital that enable WFH, greatly diminished stigma associated with WFH, lingering concerns about crowds and contagion risks, and a pandemic-driven surge in technological innovations that support WFH.

More than a year since the pandemic started, consumer habits have also permanently changed. Judging by how online grocery sales are estimated to increase from today’s $106 billion to over $250 billion by 2025, according to market research firm Mercatus, it’s clear that many people prefer to do their grocery shopping online and will continue to do so. As life returns to normal, ecommerce offers busy consumers a more convenient way to shop for whatever they need – from groceries and personal care items to clothing, furniture, home décor and even automobiles. Studies have also shown that higher education students have a strong preference for hybrid learning, as it combines the social experience that they crave with the flexibility of remote study.

If these predictions are any indication, cloud spending will also continue to increase in the coming years. Gartner projects that by 2024, cloud will make up to 14.2% of total global enterprise IT spending, while at the end of 2020, cloud made up just 9.1% of global enterprise IT spend. Cloud interconnection is the way organizations can build a hybrid cloud that facilitates low latency, highly secure and available data transfer between their on-premises data centers and the cloud. Hybrid connectivity services such as Direct Connect from AWS are a cost-effective way for businesses across all industries to provide employees, students and customers with fast, reliable and secure access to their desktops and shopping carts.

One major takeaway from the events of the past year is that organizations must be prepared for the unthinkable. Hybrid connectivity models such as AWS Direct Connect can do just that by future-proofing businesses and giving them the flexibility they need to survive when disaster strikes. Business continuity must be a priority not just for large enterprises, but for every business across every sector. Moreover, since many of the consumer habits adopted during the pandemic are likely to remain with us permanently, you can gain an edge over competitors by using this opportunity to augment or even remake the online components of your business.

Lightstream can help

Lightstream first began as a WAN service provider way back in 2004. Our expertise is deeply rooted in networking and interconnectivity – and more recently with AWS Direct Connect and global network connectivity – which makes us uniquely qualified to deploy complex dedicated interconnections. Lightstream is proud of its status as an AWS Advanced Consulting Partner and is well versed in meeting compliance requirements and determining your cyber exposure for AWS. We’ll help you get AWS Direct Connect up and running quickly from a network of global service providers reaching 198 countries. Contact us today to find out how we can take the complexity out of your on-premise and cloud convergence, including network integration, cloud migration, security and system monitoring, all supported through 24/7 managed services.

AWS FinOps – Saving Money or Making Money?

How to regain financial and operational control and ensure a fully optimized AWS cloud environment (including insights on AWS gp3)

We’re working in an era where business moves at lightning speed. Technology has drastically increased our ability to innovate, our speed to market, and the ease with which we can scale up or down in response to ever-changing needs. But with this enhanced agility and on-demand performance come big tradeoffs in the form of financial accountability and corporate governance. Gone are the days when a staff member would fill out a purchase order, submit it to accounting for approval, and wait days (or even weeks) for the green light to make the purchase. Our on-demand expectations have phased out the spending analysis step from the procurement model.

In few places is this truer than cloud environments. All too often, inefficiencies are not uncovered until after the damage has been done and we’ve wasted significant portions of our cloud budget on needless overspending. And let’s be clear: wasting money means you’re not making money. This is why there is so much buzz surrounding FinOps these days. Short for financial optimization, FinOps is the practice of bringing financial accountability to the variable spend model of cloud, enabling distributed teams to make business trade-offs between speed, cost and quality. There are a variety of ways to optimize cloud spending, such as contracting and other savings programs, reserved instances and infrastructure add-ons that can boost efficiencies.

Optimizing AWS Cloud Performance

AWS is one cloud provider that consistently launches new technologies to increase the cost effectiveness of its cloud environments. The R&D teams at AWS are always looking for new ways to make their tools more functional and less costly. One of the most recent products is gp3, a new type of solid-state drive (SSD) Amazon Elastic Block Store (EBS) volume that lets you provision performance independent of storage capacity and offers a 20% lower price than existing gp2 volume types. The new gp3 volume type is designed for use with Amazon EC2 instances, an elastic compute cloud where virtual servers are procured as either dedicated servers or as part of a physical server. With gp3 volumes, customers can scale IOPS (input/output operations per second) and throughput without having to provision additional block storage capacity. This means customers only pay for the storage they need.

We find that most users are spending two-thirds of their budget on their EC2 product, and within that, about 40% of the spend is EBS related. The first step in optimizing this spend is to gain visibility across your entire environment and identify areas of high or rapid growth, then use best practices to optimize and contain your costs. Some ways to do this are by deleting or converting unattached disk storage, deleting old snapshots and terminating unused assets. Once you have done this initial analysis and clean-up, you can start taking advantage of savings programs. Based on your historical cost and usage data, AWS can recommend savings plan types, terms and payment options.
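
The clean-up and gp3 steps described above can be sketched as follows. This is an added example, not Lightstream's tool or code from the original post: it triages the JSON that `aws ec2 describe-volumes` returns, using a constructed sample, a per-GiB gp2 price that you supply yourself, and the 20% figure quoted in the text.

```python
import json

GP3_BASELINE_IOPS = 3000  # gp3 baseline IOPS, independent of volume size
GP3_DISCOUNT = 0.20       # "20% lower price than existing gp2" (figure from the text)

# Constructed sample in the shape of `aws ec2 describe-volumes --output json`.
SAMPLE = json.dumps({"Volumes": [
    {"VolumeId": "vol-0aaa", "VolumeType": "gp2", "Size": 100, "State": "in-use",
     "Encrypted": True, "Attachments": [{"InstanceId": "i-0111"}]},
    {"VolumeId": "vol-0bbb", "VolumeType": "gp2", "Size": 2000, "State": "in-use",
     "Encrypted": True, "Attachments": [{"InstanceId": "i-0222"}]},
    {"VolumeId": "vol-0ccc", "VolumeType": "gp2", "Size": 500, "State": "available",
     "Encrypted": False, "Attachments": []},
    {"VolumeId": "vol-0ddd", "VolumeType": "gp3", "Size": 50, "State": "in-use",
     "Encrypted": True, "Attachments": [{"InstanceId": "i-0111"}]},
]})


def gp2_baseline_iops(size_gib):
    """gp2 couples IOPS to size: 3 IOPS per GiB, floor 100, ceiling 16,000."""
    return max(100, min(16000, 3 * size_gib))


def triage(describe_volumes_json, gp2_price_per_gib_month):
    """Split volumes into clean-up candidates and gp2 -> gp3 candidates.

    gp2_price_per_gib_month is an input taken from your own bill (assumption).
    """
    unattached, migrate = [], []
    for v in json.loads(describe_volumes_json)["Volumes"]:
        if v["State"] == "available" and not v.get("Attachments"):
            # Unattached disks cost money and, if unencrypted, hold exposed data.
            unattached.append({"id": v["VolumeId"], "size_gib": v["Size"],
                               "encrypted": v.get("Encrypted", False)})
        elif v["VolumeType"] == "gp2":
            needed = gp2_baseline_iops(v["Size"])
            migrate.append({
                "id": v["VolumeId"],
                # Above the gp3 baseline, IOPS must be provisioned explicitly to
                # keep today's performance; that extra charge is not estimated here.
                "provision_iops": needed if needed > GP3_BASELINE_IOPS else None,
                "storage_saving": round(
                    v["Size"] * gp2_price_per_gib_month * GP3_DISCOUNT, 2),
            })
    total = round(sum(m["storage_saving"] for m in migrate), 2)
    return {"unattached": unattached, "migrate": migrate, "storage_saving": total}


if __name__ == "__main__":
    # 0.10 per GiB-month is a constructed rate for the demonstration.
    print(json.dumps(triage(SAMPLE, 0.10), indent=2))
```

Snapshot an unattached volume before deleting it if there is any chance its data is still needed.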

While it’s true that AWS and other cloud providers offer many ways for customers to save, it’s not always easy and can be quite time consuming to achieve results. Organizations often find that they don’t have the manpower to stay on top of cloud-cost management.

To help reduce the complexity of financial optimization, Lightstream offers a proprietary tool called Lightstream Connect that provides a holistic view of your technology spend and network through a single pane of glass. Lightstream Connect is not a new offering; however, it was enhanced in early 2021 in response to AWS’s gp3 release. The first to market this type of functionality, Lightstream’s automated tool analyzes usage patterns and drives to gather statistics and generate a concise report of recommendations for infrastructure modifications that can increase savings.

Realizing Your Potential Savings

Most organizational leaders aren’t aware of just how much they can save by optimizing their cloud environments. In fact, it’s not uncommon for businesses to cut as much as 20% of their monthly spend without jeopardizing security or performance. Financial and IT professionals who either aren’t sure how to go about taking advantage of these savings or don’t have time to devote to it should find a partner like Lightstream that is an AWS Advanced Consulting and Microsoft Gold Partner and invests in the tools and talent necessary to secure and optimize cloud environments. Lightstream helps customers re-incorporate financial, technology, operational and security accountability back into cloud spending either by making it easier for them to monitor and assess their own environments, or by removing the burden entirely and doing it for them.

Lightstream has helped many customers to achieve cloud optimization. With ongoing management of their cloud environments, on finance alone we save our customers millions of dollars every year. One customer was spending $1.2 million per month in AWS. Their IT team didn’t have the time, resources or visibility they needed to understand exactly where that money was being spent. Upon assessing their environments, Lightstream discovered that they lacked tags and partitions. So, we assisted them in a tagging strategy and determined that they were actually losing money on one of their products. Our Cloud Managed Services (CMS) team optimized the product to improve its performance and make it profitable, ultimately saving the corporation over $1.5 million annually.

Lightstream offers a free assessment to identify which EBS workloads you should migrate to gp3 volumes and calculate your potential savings using our proprietary EBS optimization analytics application. To speak with a representative about having your environment assessed at no cost to you, contact us today.

Reducing the Complexity of Securing SD-WAN Environments

In today’s remote-working world, many enterprises are transitioning to software-defined networking in their wide area networks, or SD-WAN, in place of traditional MPLS-based WANs. Is it any wonder network and IT professionals are fully embracing SD-WAN? Where they once had to deal with the challenges caused by an architecture overwhelmed by an ever-increasing load of data and devices, IT departments now are able to increase bandwidth, improve connectivity, and enable multicloud applications via a single, centrally managed WAN edge platform.

MPLS-based wide area networks allowed for centralized security policy and enforcement across the organization. While SD-WAN enables lower latency and faster access to cloud and SaaS applications, it also raises significant security issues. If a corporate enterprise has 200 locations, transitioning to an SD-WAN topology now expands the footprint of locations that must be secured, audited and monitored from a handful of data centers in the MPLS world to all 200 locations in an Internet-based SD-WAN architecture. That’s a tremendous burden for IT leaders to take into consideration as they are not only deploying a new WAN architecture, but they also must make sure it is properly secured. So as SD-WAN fosters tremendous transformation, it also increases the potential for major vulnerabilities within the organization.

SD-WAN topologies enable greater network visibility and centralized management of the distributed network. This in turn allows IT personnel greater insight into the applications traversing the WAN between locations as well as to the Internet. When properly secured, SD-WAN enables “internal” network segmentation on an organization’s WAN without forcing all Internet-based traffic to flow through the headquarters location. However, it is imperative that additional security tools be implemented. Networking and security technology have come a long way, but still there is significant room for advancement. No cybersecurity infrastructure is perfect, and that fact is proven daily by the number of successful cyberattacks experienced by businesses worldwide.

As organizations increasingly move to the cloud, many have turned to a cloud access security broker (CASB) or one of the cloud-based caching, proxying, and security devices to confront data security and governance challenges. Secure access service edge (SASE) frameworks have been gaining traction as these are designed to connect and secure geographically dispersed branches and other endpoints to an enterprise’s data and application resources, whether internal, cloud-based, or Internet-based. Despite – or perhaps due to – this rapidly emerging technology, it is more important than ever for IT teams to come together to determine where to do the appropriate level of security introspection and inspection.

The Convergence of Security and Networking

Where security and network procurements were once handled separately, network and security decisions increasingly are being made at the same time and more often with the same solution, according to Gartner. It predicts that as part of a desire to minimize branch sprawl, more customers will look to partner with vendors that offer a combined security and networking solution or as part of a broader ecosystem.

Likewise, this convergence is prompting convergence of networking and security teams. Frequently the question is who owns the SASE product set? The answer: it doesn’t matter.

Securing SD-WAN can be a complex and overwhelming undertaking, and one that should not be initiated without networking and security teams joining forces long before the SD-WAN is deployed. The two teams must collaborate on how to take the organization’s architecture and security posture from its current state to where it needs to go for future growth and success. Three steps to get started include:

  1. Evaluate Your Services Chain
    Analyze your edge services chain to identify what network functions need to be supported and integrated into the SD-WAN. By analyzing what components need to be physical, virtualized or combined/collapsed, your organization can determine if a single SD-WAN appliance will meet the need or whether a more complex deployment model is needed. Be sure to look at it from the lens of security, including regulatory compliance.
  2. Identify Must-Have SD-WAN Security Capabilities
    Learn the different security features of various SD-WAN vendors and line them up against your organization’s requirements. Some must-have security capabilities include policies for on-demand security, encryption, distributed denial-of-service (DDoS) protection, unified threat management (UTM)/firewalls, and threat intelligence.
  3. Fill Security Gaps
    Address missing security needs with managed services. These services can range from Managed SD-WAN solutions to Managed Security Services that address security from the network’s edge all the way to the cloud, and incorporate automation, Zero Trust, and best practices for security and industry-specific compliance. The key is to make sure you work with a partner who understands clearly how to secure SD-WAN solutions effectively with clear KPIs that work well with your IT organization.

The Case for Outsourcing

As SD-WAN adoption expands, there is a surge in managed service providers augmenting the enterprise IT staff. Organizations are finding that they must refocus valuable internal IT resources to carry out their core goals. The software-defined nature of SD-WAN lends itself to leveraging third-party providers that can alleviate the burden on overworked IT staff. The smartest IT leaders will turn to a provider with expertise in network, security, and cloud to gain 360-degree visibility into network and security actions as well as cloud governance.

The Maturity of Vulnerability Management Matters

If you work in cybersecurity at a typical mid-market company, you probably cringe when you hear the term “vulnerability management.” Let me see if I can guess how the workflow goes for you:

  1. Someone uses a scanning tool to scan as many assets across your network as you know about.
  2. The output gets exported to a spreadsheet.
  3. The spreadsheet is sorted by “criticality.”
  4. Various department or organization heads receive line-items they are responsible for patching with little context on why.
  5. You wait a week or so, then repeat the process.

How close did I get?

The various pieces of your cybersecurity strategy are programs in themselves, which means we can measure them for maturity. The problem is that mid-market companies seldom have the time or resources, not to mention the capital, to execute a full-scale program. That approach ultimately leads to a “just-do-something” execution of cybersecurity, and things get complicated.

Some hallmarks help me determine what level of maturity an organization has attained. Here are just a few:

  1. Strategy: How an organization thinks about vulnerability management and whether it’s truly managing vulnerabilities or simply trying to play whack-a-mole is telling. Managing vulnerabilities means a lifecycle approach and understanding that once they’re discovered, vulnerabilities can have one of three fates:
    1. Remediate – simply put, apply the fix or patch.
    2. Defer – push the fix until a later point in time, such as when the system is due to be retired shortly.
    3. Accept – accept that the vulnerability will not be fixed, and alternative accommodation needs to be made.
  2. Execution Discipline: Understanding the discipline with which an organization executes the tasks of a vulnerability-management program says a lot. Are there change controls? Is the process well-documented and universally accepted across the organization? Does the program include all of the organization’s assets? These and more are important questions to consider. As an organization matures, execution will be more repeatable and predictable.
  3. Follow-through: Few things are more important than following through. It makes no sense to scan and notify, but then do nothing except wait for someone else to act. As an organization matures it will learn to not only notify but report, and follow through on effecting positive change.
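
The lifecycle and follow-through hallmarks above can be made concrete in place of the sorted spreadsheet. The sketch below is an added example, not code from the original post: every finding must carry one of the three fates plus the detail that fate needs, and a dated report shows what is overdue. The field names, asset names and `VULN-` identifiers are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from enum import Enum
from typing import Optional


class Fate(Enum):
    REMEDIATE = "remediate"  # apply the fix or patch
    DEFER = "defer"          # push the fix to a later, named date
    ACCEPT = "accept"        # will not be fixed; alternative accommodation made


@dataclass
class Finding:
    asset: str
    vuln_id: str                   # constructed placeholder IDs below
    owner: str
    fate: Optional[Fate] = None
    due: Optional[date] = None     # remediate: fix-by date; defer: revisit date
    reason: str = ""               # defer: why the fix waits
    accommodation: str = ""        # accept: the alternative accommodation
    closed: Optional[date] = None  # set once the fix is verified


def problems(f: Finding) -> list:
    """Return what is missing before this finding counts as managed."""
    if f.fate is None:
        return ["no decision recorded"]
    missing = []
    if f.fate in (Fate.REMEDIATE, Fate.DEFER) and f.due is None:
        missing.append("no date")
    if f.fate is Fate.DEFER and not f.reason:
        missing.append("no reason for deferral")
    if f.fate is Fate.ACCEPT and not f.accommodation:
        missing.append("no alternative accommodation")
    return missing


def follow_through(findings, today: date) -> dict:
    """Bucket finding IDs by what needs action as of `today`."""
    report = {"unmanaged": [], "overdue": [], "revisit": [], "on_track": []}
    for f in findings:
        if problems(f):
            report["unmanaged"].append(f.vuln_id)
        elif f.closed is not None:
            report["on_track"].append(f.vuln_id)
        elif f.fate is Fate.REMEDIATE and f.due < today:
            report["overdue"].append(f.vuln_id)
        elif f.fate is Fate.DEFER and f.due <= today:
            report["revisit"].append(f.vuln_id)
        else:
            report["on_track"].append(f.vuln_id)
    return report


def owner_worklist(findings, today: date) -> dict:
    """Per-owner action items with the reason attached, not bare line items."""
    report = follow_through(findings, today)
    action = {"unmanaged": "record a complete decision",
              "overdue": "patch is past its fix-by date",
              "revisit": "deferral date reached, decide again"}
    work = {}
    for f in findings:
        for bucket, text in action.items():
            if f.vuln_id in report[bucket]:
                work.setdefault(f.owner, []).append((f.vuln_id, f.asset, text))
    return work


# Constructed sample findings, as a scanner export might be loaded.
SAMPLE = [
    Finding("web-01", "VULN-0001", "web", Fate.REMEDIATE, date(2021, 5, 15)),
    Finding("db-02", "VULN-0002", "dba", Fate.DEFER, date(2021, 5, 31),
            reason="system is retired shortly"),
    Finding("hr-legacy", "VULN-0003", "hr-it", Fate.ACCEPT,
            accommodation="isolated network segment"),
    Finding("app-03", "VULN-0004", "app"),
    Finding("app-04", "VULN-0005", "app", Fate.ACCEPT),
    Finding("web-02", "VULN-0006", "web", Fate.REMEDIATE, date(2021, 5, 20),
            closed=date(2021, 5, 18)),
    Finding("app-05", "VULN-0007", "app", Fate.REMEDIATE, date(2021, 6, 10)),
]

if __name__ == "__main__":
    for owner, items in owner_worklist(SAMPLE, date(2021, 6, 1)).items():
        print(owner, items)
```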

All this said, the important thing is to figure out how your organization ranks, and what your real level of maturity is. There is no universal answer to what maturity level your particular organization should be at. But knowing is a critical first step.

Top Security Predictions that WON’T (But Should) Happen in 2021

If you’re scoffing at the predictability of a trend-related blog post in January, we couldn’t agree more. In an effort to be slightly less predictable, we’re taking a different approach by letting you in on what the cyber security community predicts will not happen this year. Industry veteran and Vice President of Security Strategy at Lightstream, Rafal Los, recently took to social media to ask, “What’s the thing that probably won’t happen in cyber security in 2021?” Some of the responses from his followers were expected; others, not so much. So, without further ado… let’s take a look at their anti-trends for the coming months.

Tied for #1: Password Elimination & Meaningful Asset Management

Let’s face it, passwords and asset management seem like they’ve been a thorn in the side of the security industry since the invention of the computer. In fact, the first computer password was developed in 1961 at the Massachusetts Institute of Technology, for use with the Compatible Time-Sharing System (CTSS). Yet 60 years later – long after CTSS has given way to the modern Windows and OS X systems in use today – the general consensus is that passwords won’t be going away anytime soon. What is driving this skepticism?

For starters, we still don’t have a better way to protect our personal and enterprise data. Thumbprints and facial recognition are promising, but they still haven’t proven themselves to be ironclad. Adding to that are the security challenges COVID-19 has forced enterprises to overcome. With many companies now operating in work-from-home (WFH) environments and the very real possibility that this will be an ongoing strategy in the post-pandemic economy, remote workers are at a huge risk for identity-related breaches. Corporate IT is struggling to maintain control of computer-related assets, including software, unauthorized devices and loss of security.

Knowing that passwords are here for the foreseeable future and that asset management has never been more challenging, 2021 presents an opportunity for IT leaders. This is a critical time to adopt new ways to improve the identification, tracking and management of employees, applications and devices that access resources.

#2: Widespread Zero Trust Adoption

It’s hard to argue that the adoption of Zero Trust principles is anything but required for cybersecurity to advance. So, despite Zero Trust being at the foundation of Lightstream’s offerings, and what analysts and professionals feel is the future of security, there appears to be a lack of confidence in it being widely adopted in the coming months. It could be that many see Zero Trust as a tool or a widget to be installed – when in fact it’s a rethinking of the way systems interact and behave. Zero Trust goes to the root of security – identity and data – oddly the two things cyber security understands the least. There is something of significance here, but we’ll save that for a future article.

Enterprises should widely embrace a model that shuns the assumption that everything behind the corporate firewall is safe, or that there is such a thing as “behind the corporate firewall” anymore. The security of every organization depends on a new way of thinking, and the Zero Trust model of “never trusting, always verifying” would be hugely beneficial in an environment where remote working is becoming the norm. Lightstream’s Managed Security Services platform incorporates automation, Zero Trust concepts, best practices and industry-specific compliance to help IT leaders manage costs effectively, reduce complexity and improve the efficiency and efficacy of data center, network and cloud security.

#3: Fully Patched Environments/Systems

“Patching. It was a problem in 1999, and the social media responses prove that it continues to be a problem in 2021. What makes this such a difficult task?” ponders Rafal Los. Patching is the process of applying ‘fixes’ to existing deployed software packages, most often from the vendor, when flaws are identified and resolved. Similar to applying a physical patch to a garden hose to prevent water from leaking out, the purpose of the cyber security patch is to cover the vulnerability, keeping attackers from exploiting the flaw. Much like how water usually finds a way to break through that patch in your garden hose, attackers are experts in finding ways to circumvent applied patches when the underlying cause is not fully remediated. Therefore, enterprises must ramp up their vulnerability management strategies in the coming year.

The process of identifying, categorizing, prioritizing, and resolving vulnerabilities in operating systems, enterprise applications (whether in the cloud or on-premises), browsers and end-user applications is no small feat. It’s an ongoing process that requires considerable time and resources, which makes it an initiative that enterprise IT might best consider outsourcing.

#4: Elimination of Phishing

It’s clear that no one expects phishing to go away, nor do we expect people to stop clicking on phishing lures – yes, this includes you, security professionals. So, it’s not a huge shock that this is among the anti-trends predicted for 2021. Phishing scams are becoming more sophisticated every day, so it’s imperative that corporate IT do their best to stay one step ahead of attackers. This may involve taking a multi-faceted security approach to lessen the number of phishing attacks and reduce the impact when attacks do occur.

#5: Unification of C-Suite & Security Professionals

There are many cynics in the cyber security industry who see a lack of executive accountability (with the exception of the Chief Information Security Officer). This threatens to further deepen a dangerous rift between security professionals and the companies/boards they support. Therefore, there is a major opportunity for companies to develop strategies to ensure accountability “goes both ways,” as we like to say.

#6: Effective Use of Machine Learning

People are still broadly skeptical of Machine Learning in cyber security. This subset of artificial intelligence has been significantly hyped since its inception, yet it still hasn’t fully come to fruition. Rafal Los considers that while it sounds exciting, perhaps we might be a bit premature in the belief that systems can learn from data, identify patterns and make decisions without human intervention. Besides, we’ve all seen what happens when machines become “artificially intelligent” – and we’re pretty sure we don’t like the ending of that movie.

Other Notable Anti-Predictions

There were several other responses to Raf’s social media posts worth mentioning. While you’d be hard pressed to find someone who expects the number of breaches to go down or malware volume to decrease, they surprisingly didn’t make it into the top six predictions. Could that be due to industry optimism, or perhaps it’s just that we’re all tired of talking about these topics? On the flip side, the elimination of Windows XP systems made the top 10, which is astonishing since it officially became unsupported way back in 2014 (seriously, what’s it going to take?).

Software-security-related items appear several times, making it obvious that there are some who still have little faith in software security. Rafal Los blames the contentious relationship between security professionals and developers. According to Raf, a typical security professional/developer exchange [still] goes something like this:

Security professional: “You’re doing it wrong.”

Developer: “You don’t know what you’re talking about. Show me.”

Security professional: “It’s not my problem. Fix it.”

Clearly, this is another area where there is major room for unification in 2021.

Contact Lightstream to find out how we can help you unify strategies to build secure, generational capabilities that can help your organization accomplish its goals for 2021 and beyond.

The Red Herrings of Cybersecurity Blog Series 3 of 4

Welcome to 2021.

I felt like I needed to write that we survived 2020 and are now well on our way to whatever things this year holds. In this series, I’m addressing the things that your vendors do or say that are “red herrings” – that is, they sound good but aren’t quite right.

In this installment, I’m going to address complexity. Having been involved in selling cybersecurity solutions since roughly 2007, I believe I know a few things about this.

I believe with all my heart the following statement to be true.

“The value of any security solution is inversely proportional to its complexity.”

Give that a think for a second.

The more pieces of a solution your vendor has to virtually duct-tape together for you, the less real security value the solution holds overall. I do not doubt in my mind this is true. The reason for that – I’ve seen it with my very own eyes. I’ve witnessed 100+ page solution specifications that were so complex I don’t think anyone truly understood what was happening. Forget about actually explaining it.

I think customers sometimes believe that because a solution they’re being presented is exceptionally complex, it is better. That has something to do with the level of knowledge of the buyer. I’ve seen opportunistic sales teams take advantage of this, and it’s unfortunate.

The truth of the matter is simplicity always wins. It is difficult to debate that rationally. The more steps there are in a process, the higher the chance that there will be a failure along that chain of events. As a buyer, you should be looking for the simplicity of the overall solution. Additionally, look for simplicity in the various technology components, processes, and outcomes.

Rejecting complexity and insisting on simplicity is critical in security. It is particularly critical when you’re dealing with managed services. Here are 3 of the most important pieces, when it comes to keeping it simple:

  1. Engagement process – the process by which a customer engages with the vendor for specific tasks, workflows, or requests; for example, requesting changes or working incidents
  2. Integrations – connecting technologies together, to maximize their effectiveness, must be simplified to keep the system from becoming brittle and incurring unexpected outages
  3. Technical solution – the various technical pieces of the solution should minimize complexity by limiting the number of specialized components, and the number of times that a workflow passes from one technical system to another

There you go, part 3 on complexity. In a nutshell – if you don’t understand the solution someone is trying to sell you because it’s uber-complex … it’s probably not right for you.