Knowledge Of DevOps That Teach Us About Cybersecurity
Cybersecurity and DevOps are both top priorities for many enterprises, and both are areas that have undergone considerable innovation recently. Even though these are two very different sides of IT, there are lessons to be learned between them. Both areas are in the middle of significant transitions. For application development, the change is from slow, monolithic releases to fast and responsive development cycles. For cybersecurity, the change is from the old perimeter block/allow enforcement model to more adaptive security that constantly looks for threats beyond the enterprise.
While both of these areas are often framed as technology problems, they also compel organizations to reassess the bigger picture. Teams that were previously siloed may need to work toward a common goal. Rigid processes give way to active feedback and adaptability. These more fundamental and organizational changes are often just as crucial to overall success as the technology itself. And this is an area where DevOps can serve as an example for cybersecurity teams. To become more agile and adaptive with their applications, organizations needed more than just new technology – they had to tear down old organizational barriers that kept interdependent teams separated.
DevOps: Making the Move From Philosophy to Action
While DevOps and CI/CD have become all the rage, it is essential to remember that the key concepts are not entirely new. Organizations had been moving to Agile development strategies long before DevOps ever hit the mainstream. Organizations knew they wanted to be more responsive to customers, and Agile provided a model based on quicker, iterative releases that let them do so. It was the answer to the high-level problem facing the organization.
Nevertheless, knowing the goal wasn’t enough – organizations also had to discover how to reach it. Just because a team decided they wanted to be Agile didn’t mean that they were organized to work that way. Development and Ops were still in different silos, and testing came after development in a separate phase. To deliver on the more critical business goal, the organization itself had to adjust. Dev and Ops needed to come together. Development and testing started being treated as a continuous integration process. And once that happened, the development process was free to do the same. The breakthrough that eventually delivered on the promise of Agile development was as much about people and processes as technology.
Cybersecurity and Conditional Access
IT security is in a similar period of transition. For more than a decade now, the industry has identified the high-level issues that need to change. Security needs to look at new authentication approaches and go beyond the perimeter to find threats in the cloud and inside the network. Threat prevention and detection need to be continuous and adaptive instead of a single yes/no decision at the perimeter. The business needs to withstand an infection without losing data and without getting in the way of its actual employees.
Organizations have invested large amounts of time and money into solving the problem. And while the results have been positive, organizations are falling short of their goal in most cases. Threats still get through, staff are overwhelmed with alerts, and teams still mostly block based only on signatures.
And as with DevOps before it, it is quite likely that the bottleneck is as much organizational as it is technical. Conditional Access is a modern approach that offers a possible solution. In several organizations, the roles of Identity and Access are separated from Security and Threat Prevention, with different teams, processes, and tools. However, risks and threats have no respect for these boundaries. As soon as an attacker obtains a foothold in an environment, they try to use the compromised user’s identity to get deeper into the network, acquire assets, and compromise additional users and devices. Likewise, sensible access management decisions require real-time insight into a user or account’s risk, behavior, and threat context. As with Dev and Ops, Identity and Access and Threat Prevention remain different functions, but those functions need to work together in a continuous process.
A conditional access strategy – recognizing the different ways users access and manage data across devices, geographies, and environments – brings these two groups together to serve the organization’s broader goals. Behavior, identity, risk, and threat detection come together in a unified context. By bringing threat blocking closer to the authentication infrastructure, the enterprise also gains new flexibility in enforcement. It can trigger enforcement in real time, before an asset is accessed, to contain a breach. Furthermore, enforcement can become more nuanced than a block or allow. When it sees something suspicious, it can challenge the user with multi-factor authentication. This stops threats while legitimate users pass through. Just as importantly, this coordination opens up a new realm of access and security policies that are real-time, adaptive, and have a comprehensive picture of enterprise behavior and risk.
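The decision flow described above, sketched in Python as an added example (it is not code from the original article or from any vendor's product). The signal names, weights and thresholds are assumptions chosen for illustration; the point is that identity-side and threat-side signals are evaluated together, before the asset is reached, and that the outcome has three states rather than two.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Decision(Enum):
    ALLOW = "allow"
    CHALLENGE = "mfa_challenge"
    BLOCK = "block"


@dataclass
class IdentitySignals:          # supplied by the identity and access side (assumed fields)
    device_managed: bool
    new_location: bool
    mfa_satisfied: bool = False


@dataclass
class ThreatSignals:            # supplied by the threat prevention side (assumed fields)
    account_compromised: bool
    anomalous_behavior: bool


def risk_score(ident: IdentitySignals, threat: ThreatSignals, sensitive: bool) -> int:
    """Combine both teams' signals into one score (weights are assumed)."""
    score = 0
    score += 0 if ident.device_managed else 20
    score += 20 if ident.new_location else 0
    score += 30 if threat.anomalous_behavior else 0
    score += 20 if sensitive else 0
    return score


def decide(ident: IdentitySignals, threat: Optional[ThreatSignals],
           sensitive: bool) -> Decision:
    """Evaluate before the asset is reached; returns allow, challenge or block."""
    if threat is None:
        # Threat feed unavailable: never fall back to a silent allow.
        return Decision.ALLOW if ident.mfa_satisfied else Decision.CHALLENGE
    if threat.account_compromised:
        return Decision.BLOCK       # MFA does not clear a known compromise
    score = risk_score(ident, threat, sensitive)
    if score >= 70:
        return Decision.BLOCK
    if score >= 30 and not ident.mfa_satisfied:
        return Decision.CHALLENGE   # step up instead of blocking outright
    return Decision.ALLOW
```
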
This is really just the tip of the iceberg, but it requires not only a shift in technology but, in some cases, a change in the organization. However, as we’ve seen with DevOps, a little wall-breaking can go a long way.