I’m in a spacious kitchen in the New England town where I’ve been invited to spend Thanksgiving this year, and though we’ve all just finished running the Turkey Trot, a far more crucial race is happening indoors. In the Schmidt household, preparation for Thanksgiving dinner began on Wednesday: the Brussels sprouts sit stemmed and chopped in a bowl, the chocolate mousse is in the fridge resting, and the turkey awaits its basted fate. Yet, above the constant din emanating from the kitchen, the debate over one last, unfinished side dish dominates discussion: this year’s sweet potato recipe.
For years, matriarch and host Sue has served her specialty sweet potato dish—a sophisticated, roasted take with lime juice and cilantro—but this year, she has finally caved to her husband’s annual request: sweet potatoes mixed with marshmallows and pecans, a recipe he claims “is eaten in every American household.”
To make this sinful bargain a possibility, the Schmidt household is making both dishes and letting the guests decide which dish reigns supreme. What does it mean for this frantic Thanksgiving morning? Too many cooks in the kitchen.
Carry on to the cloud
This week, we’re at AWS re:Invent (come say hi at Booth #707!), full of turkey and hoping that in 2019, our IT infrastructures see transformational change in cost, security, and scalability. For many of us, this means we’re taking a hard look at a stack in flux—somewhere between the huge data warehouses of a time past and the charms of being fully cloud-hosted.
Gartner estimates that by 2022, system infrastructure will see a massive shift in spending from traditional IT infrastructure to the cloud by 28%. Early(ish) adopters at the conference making hard decisions in this crucial transition to the cloud know all too well the security challenges that these organizations are bound to face:
- Cloud and traditional infrastructures often require completely different product portfolios to secure them. Differently put, your attack surface may shrink, but it has folds that are less understood, and integrations, plus data flow between your services, may go overlooked.
- As vendors and organizations shift their focus to the cloud, on-premises services are at risk of becoming obsolete or sunsetted. On the flip side, security software created to combat modern, complex threats are increasingly built as SaaS products.
- Cloud environments abstract away a certain amount of infrastructure control, decreasing the visibility over network segments that cannot be surveilled in-house.
As a synthesis of dynamic infrastructures by the DCD concludes: “The dynamic data center model, with its mix of technologies, is vulnerable, and may be more so than either traditional data centers or cloud service providers.”
To rephrase: Too many cooks in the kitchen means you’re more likely to get burned.
Can automation play a role?
Given the challenges we face, simply purchasing more tech is not a sustainable solution—but neither is standing still. Security teams will struggle to manage more tools that each address different portions of their infrastructure, while finding it impossible to aggregate a single source of truth that normalizes data across many different services. In this recurrent scenario, a security orchestration,automation and response (SOAR) solution is uniquely positioned to help:
- Operationalize your security software portfolio. With pre-built integrations, you can codify and build your security playbooks into workflows to get value from the things you buy. Software on the shelf is the enemy.
- Flexibly build on top of a SOAR solution to combine custom services, legacy software, and rarely used SaaS software that your business relies on.
- Rely on visual workflow builders that require little to no code so that when workflows need to be updated in the future (for instance, EOL of an on-prem solution), changes can easily and sustainably be made to your processes.
Let’s take a look at a few scenarios
According to a survey conducted by the SANS institute of 430 IT professionals with hybrid environments who rated areas of concern in their deployments, the following was determined:
- 64 percent are worried about application vulnerabilities.
- 55 percent seek improvement of breach containment and recovery processes.
- 25 percent have no idea if they have been attacked.
It’s important to note that automation is not a silver bullet—it takes both mental (playbook delineation) and physical (roadmap time, a SOAR solution user) investments to understand the unique challenges your dynamic infrastructure faces and outline a path toward bolstered security maturity. But, in the spirit of Thanksgiving, this year I am thankful for a present, not a future, where proponents of the cloud have an answer to the seemingly insurmountable gap between traditional IT and where we all want to be.
Attending AWS re:Invent? We’re hosting a happy hour from 6 p.m. to 9 p.m. on Wednesday, Nov. 28 at Surrender Bar at Encore Beach. This event, which is co-sponsored by CyberArk and McAfee, will be a fantastic opportunity to take a break from a long day of sessions, join your co-workers, and mingle with friends. RSVP here.