
Disruptive Technologies Every CISO Should Know

Image Credit - Pexels


Information security is a rapidly changing field, as advancements driven by disruptive technologies like SDN, IoT, NFV and others have a direct impact on security management programs. Information security professionals, in general, are perceived to be slow in adapting to new technologies and are many times considered a roadblock. This perception must change, and this post is an effort in this regard.

While many innovations have an incremental impact on technology, a number of new disruptive technologies are bringing a “paradigm shift”. Some of these disruptive technologies are also forcing us to think about a completely different approach to managing information security programs. Cloud computing and Software as a Service (SaaS) have changed the concept of the network perimeter, ownership of data, liability in the case of data breaches, and other aspects near and dear to information security professionals. Recent DDoS attacks that exploited vulnerabilities in consumer IoT devices had a significant impact on the availability of domain name systems for many organizations. In this post, I am going to briefly discuss some of the disruptive technologies that have the potential for a huge impact on what InfoSec professionals do on a daily basis.

Learn these new technologies or risk being perceived as a “road block” for your businesses.

Software Defined Networking or SDN

Traditional networks rely heavily on physical devices like routers and switches, where each device has its own “forwarding plane” to move data and “control plane” to make decisions about data paths. A direct consequence is that network administrators have to configure each device and apply configuration policies separately, which is significant work in large networks with thousands of devices. SDN is a relatively newer concept where we separate the data plane and the control plane such that a centralized controller is responsible for managing the whole network and making routing decisions.

SDN helps maintain consistency, eases operations, saves cost, and makes more efficient use of application-aware routing.

Most of the major network and security vendors already have products available to exploit the potential of SDN technologies.

SDN technologies use a few new protocols, like OpenFlow, that security professionals need to understand. They also need to know how the centralized controllers are protected and the hardening techniques for SDN-based networks. Many SDN technologies have promised multi-path and application-aware routing, which security professionals also need to understand.

Network Function Virtualization or NFV

A related development to SDN is network function virtualization or NFV. Basically, it is the concept of virtualizing network functions (like firewalls, proxies, IPS, WAN optimization etc.) just like we virtualize servers and storage in modern data centers. As a result, instead of installing a separate physical box for firewall, IPS, URL filtering and other technologies, we have started using virtual machines for these functions in a single physical box that performs routing and switching as well.

NFV is drastically changing the concept of segregation of duties, device ownership, change management and other security functions.

Information security professionals must educate themselves very quickly on these transformative changes. NFV brings significant cost savings and advantages for risk management by ensuring verifiable consistency of policies across an enterprise.

Software Defined Perimeter or SDP

Traditionally, we create a perimeter around critical applications and data and monitor this perimeter very actively using firewalls, IPS, and other security devices. With SDP technologies, instead of creating a perimeter, which is quite costly, we can make certain parts of a network “invisible”. Thus, even when a server or application has an unpatched vulnerability, it can’t be exploited because the attackers don’t see and can’t reach the vulnerable servers.

SDP provides a promise of excellent security for critical assets in private data centers from insider threats.

For legitimate access to servers and applications, a controller and a gateway play a key role. When a user needs access to a protected application, the controller performs multi-factor authentication, ensures the trust of the end devices, and uses cryptographic techniques to enable a path through the gateway. The gateway, protecting the critical part of the network, does not respond to anything or anyone until the controller authorizes it.
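The controller and gateway roles described above can be modelled in a few lines. This is an added example, not code from the original post or from any SDP product; the class names, the shared HMAC key between controller and gateway, and the 30-second grant lifetime are assumptions made for illustration.

```python
import hashlib
import hmac
import json

class Controller:
    """Issues a signed, short-lived grant only after MFA and a device-trust check."""
    def __init__(self, key, trusted_devices, ttl=30):
        self.key, self.trusted_devices, self.ttl = key, set(trusted_devices), ttl

    def authorize(self, user, mfa_ok, device, service, now):
        if not mfa_ok or device not in self.trusted_devices:
            return None  # no grant, so the gateway never learns of this client
        grant = {"user": user, "device": device, "service": service,
                 "exp": now + self.ttl}
        body = json.dumps(grant, sort_keys=True).encode()
        tag = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        return body, tag

class Gateway:
    """Default-drop: answers nothing unless a valid controller grant is installed."""
    def __init__(self, key):
        self.key = key
        self.open_paths = {}  # (device, service) -> expiry time

    def install(self, body, tag, now):
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return False  # forged or tampered grant
        grant = json.loads(body)
        if grant["exp"] <= now:
            return False  # grant already expired
        self.open_paths[(grant["device"], grant["service"])] = grant["exp"]
        return True

    def handle(self, device, service, now):
        exp = self.open_paths.get((device, service))
        if exp is None or exp <= now:
            return None  # silent drop: the service stays "invisible"
        return "forwarded"

if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed value for the demo
    ctl, gw = Controller(key, {"laptop-01"}), Gateway(key)
    print(gw.handle("laptop-01", "hr-app", 100))      # no grant yet
    grant = ctl.authorize("alice", True, "laptop-01", "hr-app", 100)
    gw.install(*grant, now=100)
    print(gw.handle("laptop-01", "hr-app", 110))      # path open
    print(gw.handle("laptop-01", "payroll", 110))     # other services stay dark
```

The grant is scoped to one device and one service and expires on its own, so the gateway's default state is always "no response".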

SDP holds great promise for protecting certain parts of corporate networks from the insider threat. Not only that, it provides a very high level of confidence for cloud services and for high-risk applications in the DMZ. This is a key technology for security professionals looking for newer ways to protect critical assets.

The Internet of Things or IoT

The Internet of Things or IoT is the latest hype in the technology cycle. Unfortunately, most information security professionals are already too late in understanding IoT and its impact on information security.

IoT is all about connecting devices (or “things”) to the Internet.

Billions of devices are expected to be connected in the very near future. IoT uses some existing protocols and a few new ones like CoAP and MQTT. Security is not the first thought for many IoT vendors, and infosec professionals need to understand this field very quickly, grasp its implications, and create a security architecture for IoT. From a learning standpoint, nothing is more important than IoT right now for security professionals.

Summary

I have discussed a few high-impact and disruptive technologies that every security professional should know. CISOs should make sure that their staff is knowledgeable and trained on these technologies to avoid being a roadblock in their implementation. These new technologies are critical for every business, including yours, so be proactive and be at the forefront of exploiting their potential.

About the Author

Rafeeq Rehman is the creator of “CISO Mind Map”, a blogger and consultant. He is helping many Fortune 500 global organizations achieve their business goals using the latest innovations in technology. His areas of focus include Information Security, IoT, and Advanced Networking. He can be reached @rafeeq_rehman and on his personal blog site.
