7m read time
With data breaches a constant source of concern for CIOs, many organisations are shifting from reactive to proactive security measures.
For far too long, IT security has been an afterthought in enterprise. Security leaders have rarely had a voice in the boardroom, their teams have often been over-stretched and under-resourced, while security controls have been ‘bolted-on’ to existing applications and network infrastructures at the last minute. Corporate culture and training have tended to lag too, with security sometimes seen as prohibiting employee productivity and performance.
However, such views cannot continue given the ever-evolving threat landscape. Research shows that around seven million data records are compromised every day, at a rate of almost 56 every second, with the average global data breach cost estimated to be over $3 million. These breaches can often lead to catastrophic reputational and financial damage for organisations across every sector.
Such issues are coming to the fore as organisations’ networked traffic multiplies. A global pandemic has pushed workplaces to incorporate remote working as never before, with enterprise systems delivered through multiple applications and devices, and customer experiences further digitised on a myriad of different platforms.
For businesses, such complexity heightens the importance of data protection and of approaching IT security holistically, meaning that a new proactive approach to security is needed if businesses are to avoid the almost-inevitable data breach.
Advanced security approaches
The smartest businesses are urgently tackling their data security challenges by introducing stronger approaches across their operations, and earlier in the IT lifecycle process too.
These newer models include DevSecOps, which places security at the centre of the rapid software releases issued by DevOps teams - with many defence processes handled and automated by the development staff.
Advanced organisations have also introduced Zero Trust security policies, whereby every device and user are considered a potential threat. Organisations operating with a Zero Trust approach control access to enterprise networks based on users, devices, locations and other factors, while only allowing admittance to the resources or data needed for a particular task or expected set of activities.
Nevertheless, while these security methods are reasonably advanced, they are not the cure to all ills. Across people, process and technology, many organisations still face huge challenges around siloed and ill-equipped teams, a lack of visibility into the threats they face, and an inability to tackle attacks systemically across an increasingly complicated multi-cloud IT infrastructure.
As such, the ambition of achieving true ‘security-by-design’ - whereby security is at the heart of every aspect of an enterprise’s infrastructure - has not yet been fully realised in most businesses.
Intrinsic Security: From reactive to proactive
In contrast, the most advanced organisations are now moving towards genuinely proactive, embedded security by design. They are doing so by adopting a cutting-edge approach, called Intrinsic Security.
This emerging model represents a fundamentally different way of securing organisations and their entire IT infrastructures. Intrinsic Security is not a product or tool aimed at addressing the latest threats, but rather a strategy for securing all existing infrastructure and control points in real-time, across any application, cloud or device. It enables businesses to move away from reactivity and get ahead of threats to their data security - thwarting the cybercriminals and rogue state actors who have been so effective in recent years.
Rather than being bolted-on, Intrinsic Security is completely built-in to all aspects of a company’s network, hardware and software. Instead of being siloed, data and behaviours across organisations are seen in their total context. As a result, any app, on any device, running on any enterprise system, is much better protected.
Ultimately, Intrinsic Security makes it possible to move away from traditionally reactive security postures, which have been based on increasingly futile attempts to continuously identify new threats. It replaces these with artificial intelligence-based, predictive protection and threat mitigation. Considering the number of records compromised each day, and the fact that 44% of organisations have experienced a hardware-level attack in the past 12 months, Intrinsic Security is a necessary approach for stronger protection.
Establishing a clear advantage
By contrast with Zero Trust approaches, organisations achieving Intrinsic Security have more flexibility in terms of how they operate, alongside a greater degree of visibility and control over their operations. They can manage traffic through segmentation, inspecting it constantly, with an intrinsic understanding of workloads.
With the clear preference among CIOs for built-in security, organisations no longer need to be reliant on multiple standalone products and services to protect themselves from threats. Security controls can instead be incorporated directly into all the relevant architecture, with deep defence around networks, endpoints, and on-premise and cloud-based systems.
Given the ever-increasing security threats, it is becoming essential to move towards building such systematic protection thinking into operational cultures. Some businesses are already doing so by approaching security as a ‘team sport’, in which IT, operations, security and other departments collaborate constantly - backed with Dell Technologies and VMware's technology to lower their vulnerability to cyberattacks and to improve their cyber resilience.
In order to achieve success with Intrinsic Security, companies need to remember it is a fundamentally new approach, at every level of their infrastructure and ways of working. By establishing this mindset and carefully executing strategically, security teams are newly empowered as they are equipped with deeper context and sharper insights, enabling them to identify, understand and mitigate risks effectively.
Organisations know that the chances of having their security breached are increasing year-on-year, and the losses involved can be hugely significant - monetarily, operationally and reputationally. Intrinsic Security offers a major step forward for businesses that are ready to adopt a deeply sophisticated culture of defence.
Explore the new model for operational excellence at https://www.delltechnologies.com/en-gb/what-we-do/emerging-technology/security.htm
Learn more about Dell Technologies and VMware solutions: APEX Cloud Services - Cloud-as-a-Service | Dell Technologies United Kingdom