- June 11, 2020
- By amol238
- In Cyber Security, Cyber Threats
2020 has by far been the worst year in cyber security history, and with the growth of cloud and the multitude of vendors and services, it may not be the last one. Securing enterprise infrastructure and applications has been an arduous task, and it will become more difficult and complicated to define enterprise boundaries and to secure enterprise data. As we all know, we are moving towards zero trust to ensure the security of enterprise applications and data.
In the 21st century, information or data has become the most critical element for the success of any enterprise, unlike traditional elements such as land, labor, and capital, which were the only ingredients needed in the 20th century to start and succeed in any business. Data and information can take many forms, have immense value, and can be sought after by your adversaries. In today's world the threat actors are not just your competitors; depending on the criticality of your data, they can include nation states acting as part of well-orchestrated cyber espionage operations.
It has been proven time and again that it is not easy to identify anomalous behavior within an enterprise, due to its complexity and the ton of events generated every hour.
In recent times, SolarWinds and FireEye are good examples of organizations that were successful in compliance, audit, KPI and KRI reporting, etc., but could not identify the attack or see it coming. All of them made good efforts to win customer confidence and stakeholder approvals and to garner more business; in the end what matters is: are we secure? Can we report any incident or anomalous behavior without losing time? This may not be possible. Security is not just passing audits and ensuring that controls are designed and operate as expected. Of course, these are critical to maintaining the security posture of the organization. APT threats are finding new ways to breach enterprises, be it the VMware W1 exploit, the Duo MFA bypass or M365 privileged user abuse; the security of our times needs a fresh approach to the ever-changing security landscape.
Overall, we need a cultural shift in the way we look at and perceive security, and we need to deal with it accordingly. The traditional approach of treating security only as a cost center will not address threats introduced by new vectors backed by nation states, which have deep pockets to invest any amount of funds. In recent times we have seen mature Advanced Persistent Threats camouflaging themselves in the supply chain of vendors and becoming an integral part of standard applications and patches. It is very onerous to deal with such events unless we address security holistically and cover all aspects of People, Process and Technology. Each of these areas has a significant impact on the way security will be assured for the enterprise. Agile methodology has reduced the time taken to deliver products and services, and it helps identify any deviation early on and ensure course correction to stay on track to meet the end goal. But the focus on the final product and on reduced cost and resources has led enterprises to cut short some of the key security requirements, or some of the key documentation in the form of architectural blueprints or process documents, which formed the basis of the standard SDLC process. It may not be easy to address and reach the ZEN state of a 100% secure enterprise. This can be achieved by introducing the right strategy, policy, and process changes for all three elements: People, Process and Technology. This will help keep security incidents to a minimum and, if we do have one, keep the gap between compromise and identification minimal, limiting the impact arising from such security incidents.