Why Fortify with Modern Security and Zero Trust?
Thu, 06 Oct 2022 20:17:13 -0000
Today’s infrastructure landscape is rapidly changing. Customers’ data is scattered — across cloud, multi-cloud, core datacenter, and edge. And with that comes a more challenging threat landscape. The security provisions you deployed yesterday may not be ready for today’s security reality. Cyberattacks can come from anywhere — inside and outside of your organization. This means that you must have a comprehensive and continuous security strategy that is cyber resilient and enables zero trust principles.
Why bother with a comprehensive approach like zero trust?
Cyber threats are real. And the damage caused by attacks can be costly and devastating. Likewise, regulatory pressures (from a compliance, financial, and liability perspective) that have come about as a result of these attacks are growing.
This, combined with the complexity of the modern IT infrastructure and the sophistication of today’s threat landscape, requires a trust model that validates at every point in the IT environment before permissions are granted.
Zero trust is an approach to security that assumes that every part of your infrastructure is at risk — requiring continuous verification and validation. While the purpose of this blog is not to talk in depth about what zero trust is, we do want to explain its validity given today’s threat landscape and explain how Dell Technologies’ cyber-resilient architecture is the foundation for the critical elements of a zero-trust environment.
Learn more about how Dell provides broad coverage across these pillars in our Zero trust architecture infographic.
You might be wondering, why does zero trust have so many categories? The simple answer is that you need as complete and continuous coverage as possible across your infrastructure if you want your security efforts to be successful. For example, your organization might do encryption really well. But this doesn’t matter if you don’t have strong multifactor authentication to identify the users of that encrypted data. Your organization is only as secure as your weakest link, which is why focusing on all seven pillars is your best defense in combating threats.
While the ultimate goal is to keep attacks from coming in at all, rejecting them at the point of entry, that’s not always possible. The zero-trust model requires more refined validation at key intersections for verified trust, optimizing least privilege without impacting workload efficiency. However, if a breach does occur, the sphere in which the attacker could do damage should be minimized, and the ability to detect and remediate immediately should be enhanced. Dell Technologies’ cyber-resilient architecture, enhanced over many years, is the foundation for the critical elements of a zero-trust environment.
What is the value of having a cyber-resilient architecture?
In simple terms, cyber resiliency within your infrastructure is what helps minimize the exposure to attacks. Dell Technologies solutions are hardened and designed to help you protect, detect, and recover from cyberattacks.
Dell, of course, has been talking about its cyber-resilient architecture for a long time. What’s changed now, however, is that given the emerging threat landscape, we can see how zero trust goes hand in hand with a cyber-resilient architecture. And it’s why we’re continually making enhancements to our cyber-resilient architecture: to provide even greater visibility, risk reduction, and resilience — so that your infrastructure intrinsically supports a zero-trust approach.
We’ll explore cyber resiliency in more detail in a later blog. For now, you can find additional information about Dell’s cyber-resilient architecture in our infographic and video.
Why partner with Dell?
Dell creates the products and features to help you meet your zero-trust goals. We also watch the regulatory landscape to make sure that our solutions meet industry standards and exceed capabilities in the area of security. We do this through:
Processes: Delivering a cyber-resilient architecture requires security awareness and discipline at each stage of development. The Dell Secure Development Lifecycle (SDL), for example, outlines the set of activities required throughout the product lifecycle to promptly build security resiliency and consistent security capabilities into our products and respond to any security vulnerability.
Additional security solutions: In addition to embedding layered security into our products, we provide standalone security solutions focused on specific areas, like data protection. If data does get compromised, you want a backup system that enables business continuity and provides assurance that the backup itself hasn’t been compromised. Offerings like Dell PowerProtect Cyber Recovery and CyberVault enable a robust backup, including the use of Airgap and CyberSense to detect anomalies and mitigate potential problems that could compromise your data.
Simplification: Security controls are useless if they’re not being used. While Dell provides you with sophisticated security controls, we’ve also significantly simplified their use and deployment. Look for more information about “security complexity” in a later blog.
Supply chain security: At Dell, we’re also focused on personnel, operational, and supplier provisions for supply chain security. We have technologies and programs in place, like Secured Component verification, that enable the verification of your components from the factory to your site.
Regulatory certifications: We closely monitor regulatory requirements around the world — and make sure our solutions contain the certifications (FIPS, USGv6, Common Criteria, and others) that matter to you. With this focus, we’re able to provide security controls that match emerging regulatory requirements, helping to keep your business secure and compliant.
This is just a glimpse of what Dell Technologies is doing in this space. As Cybersecurity Awareness month kicks off, please take time to read the follow-on blogs in this series and discover the different ways that Dell Technologies is working hard to protect your business.
Author: Craig Phelps
Related Blog Posts
Why Fortify with Modern Security and Zero Trust?
Thu, 26 Jan 2023 21:34:59 -0000
Four Commonly Overlooked Foundations for Cybersecurity
Wed, 29 Mar 2023 13:46:53 -0000
Lack of well-maintained foundational cybersecurity elements creates gaps, residual risks, and other operational challenges. These challenges lead organizations to a weakened cybersecurity posture.
Four commonly overlooked foundational elements are:
- Asset management
- Business impact analysis
- Risk management
- Threat and vulnerability management
These elements, coupled with the pace of change in the industry and the need to quickly mitigate risks, cause organizations to make decisions about controls and solutions without all the necessary information.
To mitigate this problem, organizations need to examine the foundational components used as input to the cybersecurity control decision processes.
Asset management across on-premises and cloud
A 2022 ThoughtLab Group study estimated that cybersecurity attacks during the next two years will primarily target misconfigurations, human error, poor maintenance, and unknown assets. Comprehensive asset management is critical to inform cybersecurity decision-making designed to mitigate many of these challenges.
The asset management strategy and process for on-premises and cloud should include:
- Devices (for example, computers, Internet of Things [IoT], mobile)
- Applications
- Identities (internal and external)
- Data (for example, repositories, sensitivity, ownership, data flows)
- Employees, contractors, partners, vendors, and providers
- Supply chain (leveraging data such as value stream maps to help identify the supply chain assets)
Asset inventory management is one of the most difficult tasks for an organization to establish and maintain. It is a continuous process, and changes to the environment are frequent (new servers, updates, user and data creation/deletion, and so on).
If organizations do not understand what they have, they cannot begin to estimate its value and priority in the business impact analysis. Organizations will also be unable to determine (through the risk management process) what risks are associated with an asset if they do not know it exists or if they have incorrect data. For example, if a server is incorrectly identified as running a certain application or patch level, it will have different risks associated with it than if that server has a different application running or patch level deployed.
Business impact analysis
In the past, the business impact analysis (BIA) was conducted mainly to gather application details, assess the impact of disasters, and aid in making decisions for recovery controls. However, today the BIA serves as a critical foundational component for an organization's cybersecurity program, providing insights into overall business risks, including disaster recovery.
Establishing and regularly updating the business asset values and priorities—through a qualitative, quantitative, or hybrid approach—provides the baseline for the BIA. Once assets are identified and sensitivity is understood (Quinn, and others, Using Business Impact Analysis to Inform Risk Prioritization and Response, 2022), determination of their business value (focusing on cyber or digital assets) and priority, including tiering, can be made. (While people may be considered as an asset in asset management, their monetary value is typically not measured in the BIA.)
The BIA should then continue the asset evaluation by identifying potential threats. It should assess the potential impact of the threats and determine the probability of their occurrence on the assets and, ultimately, the business. This assessment provides the critical input needed for risk management and shows where the BIA and risk management intersect.
NIST IR 8286D (2022) provides additional detail regarding the BIA and its critical role in the risk management processes. If done incorrectly, the BIA could lead to a system being improperly prioritized, inadequate controls being implemented for that system, and, ultimately, a breach of the system.
Risk management
Risk management is a large, complex process that intersects many aspects of cybersecurity. It can involve a wide range of activities, including conducting a BIA, assessing risks, and managing vulnerabilities and threats.
The output from the BIA informs the risk management process. It does this by providing an understanding of the impact of an incident so that the risk management process can prioritize controls and resources and determine the risk strategy. Strategies include mitigation, avoidance, transference, reduction, or accepting the risk. Combinations of risk strategies should be leveraged to close gaps that lead to residual risk. With this approach to risk management, organizations can stay ahead of the ever-changing threats and challenges.
Risk management can cover various cross-sections of the business, such as supply chain, third-party vendors, and regulatory compliance. Supply chain and third-party vendor risk should be part of an overall risk management strategy. “82 percent [of CIOs surveyed] say their organizations are vulnerable to cyberattacks targeting software supply chains” (Barker, 2022). Combining outputs from asset management and vulnerability management with organization risk strategies, organizations can make informed decisions that provide continuity through the supply chain and third-party vendor support.
Threat and vulnerability management
According to the Check Point Cyber Security Report 2021, 75 percent of attacks exploited vulnerabilities at least 2 years old. Threat and vulnerability management includes the scanning, vulnerability scoring and prioritization, and updating necessary to thwart these attacks.
The outputs of asset management data identify systems to be scanned for vulnerabilities. Risk and vulnerability management overlap; threat and vulnerability management informs the risk management process, which prioritizes and determines how to address each vulnerability.
An organization’s cybersecurity program matures by incorporating threat and vulnerability management into its cybersecurity processes.
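The following added example (not from the original post or any Dell tooling) shows how the four foundations feed one another: scanner findings are joined to the asset inventory, weighted by BIA tier and vulnerability age, and flagged where the inventory is missing or stale. The host names, finding IDs, weights, and thresholds are constructed assumptions for illustration.

```python
from datetime import date

# Assumed weights for illustration: BIA tier 1 is the most critical.
TIER_WEIGHT = {1: 3.0, 2: 2.0, 3: 1.0}
OLD_VULN_DAYS = 730      # "at least 2 years old", as in the statistic above
OLD_VULN_FACTOR = 1.5    # assumed uplift for long-known vulnerabilities
STALE_DAYS = 180         # assumed limit before an inventory record is suspect

# Constructed asset inventory: host -> BIA tier and last verification date.
INVENTORY = {
    "web-01":   {"tier": 1, "last_verified": date(2023, 3, 1)},
    "db-01":    {"tier": 1, "last_verified": date(2022, 6, 15)},
    "build-07": {"tier": 3, "last_verified": date(2023, 2, 20)},
}

# Constructed scanner output: (host, finding id, severity 0-10, date published).
FINDINGS = [
    ("web-01",   "FINDING-A", 7.5, date(2020, 11, 3)),
    ("db-01",    "FINDING-B", 9.8, date(2023, 1, 10)),
    ("build-07", "FINDING-C", 9.8, date(2022, 12, 1)),
    ("lab-99",   "FINDING-D", 5.0, date(2019, 5, 5)),   # host not in inventory
]


def prioritize(inventory, findings, today):
    """Rank findings by severity x business tier x age, flagging data gaps."""
    ranked = []
    for host, finding_id, severity, published in findings:
        flags = []
        asset = inventory.get(host)
        if asset is None:
            # Unknown asset: no BIA value exists, so assume the worst tier.
            flags.append("unknown_asset")
            tier = 1
        else:
            tier = asset["tier"]
            if (today - asset["last_verified"]).days > STALE_DAYS:
                # The tier or patch level on record may no longer be true.
                flags.append("stale_record")
        score = severity * TIER_WEIGHT[tier]
        if (today - published).days >= OLD_VULN_DAYS:
            score *= OLD_VULN_FACTOR
        ranked.append({"host": host, "finding": finding_id,
                       "score": round(score, 2), "flags": flags})
    return sorted(ranked, key=lambda r: r["score"], reverse=True)


if __name__ == "__main__":
    for row in prioritize(INVENTORY, FINDINGS, date(2023, 3, 29)):
        print(row)
```

Ranked by scanner severity alone, the tier 3 build host would tie for first place; once business tier and vulnerability age are applied, the older, lower-severity finding on the tier 1 web server moves to the top, and the uninventoried host is surfaced instead of being silently dropped.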
Conclusion
Cybersecurity is challenging due to constantly evolving threats. A wide range of adversaries adds to the complexity. Many organizations successfully capture data but then fail to maintain it, increasing both the vulnerability and the risk of a cyberattack. To stay ahead of the constant expansion of threats and challenges in cybersecurity, organizations must establish and maintain the foundational components of asset management, BIA, risk management, and threat and vulnerability management. These foundational components are interdependent. A change in data in one component often requires a change in another.
Partnering with experienced cybersecurity experts can help ensure that your organization stays protected against potential threats. Act today by contacting a Dell Technologies account representative to learn more about how Dell can help your organization safeguard against potential cyber threats.
Resources
- Barker, I. (2022, 5). 82 percent of CIOs believe their software supply chains are vulnerable. Retrieved from Beta News: https://betanews.com/2022/05/31/82-percent-of-cios-believe-their-software-supply-chains-are-vulnerable/
- Quinn, S., Ivy, N., Chua, J., Barrett, M., Feldman, L., Topper, D., . . . Gardner, R. (2022, 11). Using Business Impact Analysis to Inform Risk Prioritization and Response. Retrieved from NIST: https://nvlpubs.nist.gov/nistpubs/ir/2022/NIST.IR.8286D.pdf
- ThoughtLab Group. (2022). Cybersecurity Solutions for a Riskier World eBook. Retrieved from ThoughtLab Group: https://thoughtlabgroup.com/wp-content/uploads/2022/05/Cybersecurity-Solutions-for-a-Riskier-World-eBook_FINAL-2-1.pdf
Author: Chris Morgan, Principal Consultant
https://www.linkedin.com/in/cmorgandell/