According to Gartner, a security and risk management trend predicted for last year. This year is “Cybersecurity Mesh Architecture (CSMA),” which may be news to those of us who haven’t heard of it before. To be honest, it looks like Gartner coined the term in an attempt to create a cybersecurity architecture that, according to the company, can cut security incidents’ costs by 90% over the next two years. Is it possible to back up this claim?
What is the Cybersecurity Mesh?
The idea that security tools should work well with each other” is what underpins CSMA. More and more Secure Architecture Consulting Services are not interoperable, resulting in unnecessary overlaps in what they are trying to do, according to a report from Gartner. There will be a deliberate integration of each technology into the IT infrastructure as part of a larger plan for cybersecurity mesh.
Cyberattacks have reached a point of no return.
Analysts recently published a paper predicting a “perfect storm” of cyberattacks in the near future, partly due to three primary difficulties facing today’s business security landscape:
- There is an asymmetrical element to cyberattacks and cyberdefenses. A compartmentalized security approach is common in organizations, whereas attackers are more likely to go outside of it. It’s not uncommon for security tools to operate independently of each other, exposing vulnerable areas to attack.
- With the rise of remote work and the proliferation of stray gadgets, the perimeter of defense has been significantly reduced. The typical perimeter of network security is like the French Maginot Line, a formidable fortress that was readily evaded by invaders.
- Security in multi-cloud computing setups must be more tightly integrated. Many cloud service providers have their own security rules, which might lead to inconsistent enforcement of the standards that they set for themselves.
The research continues to examine the present digital ecosystem, criticizing the current security architectures for their fragmentation. To put it another way, the proliferation of digital devices over an ever-thinner hybrid cloud has put a significant demand on computer resources. If the tools are poorly deployed, several dashboards and administrative points may overlap in their roles.
In fact, an IBM-sponsored 2020 industry study indicated that firms typically used 45 security solutions and that respondents wanted to drastically cut that number. This supports IBM’s assertions.
Gartner created the CSMA model in response to these issues, which aims to reduce security vulnerabilities by encouraging a more integrated and collaborative approach to security.
The Mesh Architecture for Cybersecurity.
When it comes to expanding security controls to widely distributed assets, Gartner describes CSMA as “a composable and scalable strategy.” Hybrid and multi-cloud environments, as well as mobile devices and apps that may access these environments through their suggested paradigm are the focus of their research and development. Their objective is to provide high-level interoperability of security technologies, operating through four supporting layers that promote collaboration amongst security controls. Among the four layers proposed by the authors are:
- Analytics and Intelligence: Analyzes prior cyberattacks and uses this information to plan for the future.
- Directory services and identity management are decentralize in the Distribute Identity Fabric.
- Policy and posture management is integrated into a single, uniform policy for all security tools.
- Single pane management of the security ecosystem with consolidated dashboards.
Security frameworks should be better integrated, according to Gartner.
- Invest in the development of a standard framework to ensure interoperability between security tools.
- Policy decisions can be outsourced from outside the tool if vendors have open policy frameworks.
- Choose vendors who are forward-thinking and aggressive.
- Make use of multi-factor authentication and a zero-trust system.
- Adopt zero-trust, cloud-based access control in place of VPNs.
Security for a single or sole vendor
In many ways, the “Cybersecurity Mesh Architecture” concepts can be boiled down to a single or primary vendor security. Consolidation to a security stack from a large vendor like IBM or Symantec may be necessary if security tools aren’t working together. There have been favorable results from Gartner’s own report on CSMA, such as better dashboard integration and lower licensing costs.
There will always be a need for special third-party tools to fulfill certain functions. The Gartner’s CSMA report recommends that these products be properly incorporated into the existing security stack via open standards or APIs.