What Do We Mean When We Say: Cybersecurity Mesh
In keeping pace with the ever-expanding world of information security, many agencies and authoritative bodies put out lists of trends or trending technologies for 2022. Research firm Gartner recently released a security-focused trend report that included the term “cybersecurity mesh.” What is this new term, and how does it affect the IT industry?
Years ago, when I first entered the professional IT sphere, cybersecurity was centered on firewalls and ports. This was enough to keep bad actors out and protect good people. Cybersecurity focused on building a perimeter wall around the physical organization. The cybersecurity world had an “inside” and an “outside” with a clear line in between.
There were simple, clear boundaries around any network with traditional firewalls and antivirus software, and any points of entry, such as ports, could be locked down with simple commands. When work began to be done using laptops and mobile devices, however, policy-based security was extended to assets outside the organization. The “BYOD” (bring your own device) era has changed how we think about cybersecurity, and the emphasis on protection has necessarily become broader, placing high expectations on individual users. Now we’re evolving rapidly toward a new concept known as — you guessed it — cybersecurity mesh.
Cybersecurity: The Fabric of Our Lives
Cybersecurity mesh is a distributed architectural approach to scalable, flexible, and reliable cybersecurity controls. Instead of building a wall around a secure location, there must be a wall around each device; each device then interlocks with the others, and together they create a web of security.
Think of a patchwork quilt that, when the corners of each piece are joined, makes a new whole, or a “mesh.” Each of the parts is secured, and thus the whole is secured. Many business assets now exist outside of traditional security perimeters: cloud data storage and applications, containers, mobile devices, the Internet of Things (IoT)/Internet of Behaviors (IoB), and more; the list goes on and on.
Cybersecurity mesh essentially allows for a security perimeter to be defined around the identity of a person, thing, or device. It enables a more modular, responsive security approach by centralizing policy orchestration and distributing policy enforcement. You can get down to the device level, thus securing or removing any defective device in an instant.
This approach makes it easy to respond to threats and protects the whole by permitting security teams to focus very tightly on a single object, whether that is a person, identity, or thing. As perimeter protection becomes less meaningful, the security approach of a “walled company” must evolve to address current needs.
Organizations can no longer just have a firewall. The goal is to ensure that the security of each access point can be effectively managed from a centralized point of authority, in the cloud. In this way, the cybersecurity mesh helps to centralize security policies while ensuring enforcement is more distributed and managed at each node.
Cybersecurity mesh becomes the primary building block of a “zero trust” (another article) security strategy ensuring all data, services, devices, and applications are accessed securely regardless of where they are, whether by individuals or AI. All connections to access the data are considered unreliable unless verified and managed appropriately.
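The split described above, central policy orchestration with enforcement pushed out to each node, as an added Python sketch that is not the article's own code and not any vendor's product. MeshPolicy (the central decision point), NodeEnforcer (per-node enforcement), the default-deny check order, and the constructed users, devices and finance-app resource are all assumptions made for the example.

```python
class MeshPolicy:
    """Central policy orchestration: one source of truth for devices and permissions."""
    def __init__(self):
        self.devices, self.revoked, self.permissions = {}, set(), {}
    def register_device(self, device_id, owner, compliant):
        # compliant is a constructed posture flag (patched, encrypted, agent running)
        self.devices[device_id] = {"owner": owner, "compliant": compliant}
    def grant(self, identity, resource, *actions):
        self.permissions.setdefault((identity, resource), set()).update(actions)
    def revoke_device(self, device_id):
        self.revoked.add(device_id)  # removes the device from the mesh for every node
    def decide(self, identity, device_id, resource, action):
        """Default deny: a connection is unreliable until every check passes."""
        device = self.devices.get(device_id, {})
        checks = [
            (not device, "unknown device"),
            (device_id in self.revoked, "device revoked"),
            (device.get("owner") != identity, "device not bound to identity"),
            (not device.get("compliant"), "device out of compliance"),
            (action not in self.permissions.get((identity, resource), ()), "action not permitted"),
        ]
        reason = next((r for failed, r in checks if failed), None)
        return (False, reason) if reason else (True, "allowed")

class NodeEnforcer:
    """Distributed enforcement: each node asks the central policy and enforces locally."""
    def __init__(self, resource, policy):
        self.resource, self.policy, self.log = resource, policy, []
    def connect(self, identity, device_id, action):
        allowed, reason = self.policy.decide(identity, device_id, self.resource, action)
        self.log.append((self.resource, identity, device_id, action, reason))  # node audit trail
        return allowed

def demo():
    """Constructed scenario: two users, two devices, one finance application node."""
    policy = MeshPolicy()
    policy.register_device("laptop-1", owner="alice", compliant=True)
    policy.register_device("phone-7", owner="bob", compliant=False)
    policy.grant("alice", "finance-app", "read")
    finance = NodeEnforcer("finance-app", policy)
    results = {"alice_read": finance.connect("alice", "laptop-1", "read"),
               "alice_write": finance.connect("alice", "laptop-1", "write"),
               "bob_noncompliant": finance.connect("bob", "phone-7", "read"),
               "bob_on_alice_device": finance.connect("bob", "laptop-1", "read")}
    policy.revoke_device("laptop-1")  # one central action, enforced at the node on the next request
    results["alice_after_revoke"] = finance.connect("alice", "laptop-1", "read")
    return results
```

Each node keeps its own decision log, so the reason a connection was refused (revoked device, posture failure, identity mismatch) is visible at the point of enforcement as well as centrally.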
A Thousand Points of Security
The changing landscape in the IT industry has forced policy makers to embrace the concept of cybersecurity that recognizes that networks have no physical boundaries. Cybersecurity decision makers need to be able to control any piece or part of the system, rather than just maintaining a boundary, as before.
Instead, organizations will be able to build a security perimeter around each individual user, allowing them to securely access assets from any location and device. Imagine having complete control and the autonomy to safeguard the entire system when each individual piece is accessible from a single pane of glass in the cloud, a single system and interface.
At any point at which a bad actor can get in, organizations will be able to pinpoint attacks and respond at a micro-level. Moving forward, every cybersecurity department will have to add a cloud-based application for management. It will allow a move into the future, ideally, creating a more robust, flexible, and modular approach to network security.
By ensuring that each individual connection on a network has its own perimeter, network and cybersecurity managers can better maintain and keep track of differentiated levels of access to different parts of a given network. When you are protecting every individual connection point, it becomes much harder for hackers to exploit weaknesses and gain access to the broader network.
A “Cybersecurity First” Approach
There are, naturally, a number of challenges to overcome as cybersecurity evolves in this bold new direction. A cybersecurity mesh approach requires a complete reconfiguration of traditional approaches to IT security, and it can be more successfully attained if it is integrated during the actual development process of a network or platform.
In addition to structural retooling, cybersecurity mesh brings a greater need for employee training and a shift in the mindset of every user. Many companies, for example, use customized finance software, or a website for employee management (salary info, PII, and so forth) and communication and/or customer interaction.
In such circumstances, minimizing the risk of any given user’s device or access point being hacked and compromising the broader company network is of paramount importance. The more people who have access to a system, the greater the number of points in the mesh that need to be protected.
In other words, since cybersecurity mesh involves overhauling fundamental IT security architecture, it is best not applied as an afterthought. The cybersecurity team involved in creating the underlying network will be best off integrating a cybersecurity mesh during the architectural design of the network, not as a bolt-on.
Similarly, companies should look to themselves to establish a cybersecurity mesh for all of their endpoints during the planning stage of their networks or cybersecurity projects. As it becomes more popular (and necessary) to actively secure every network connection, there will be an increasing need to incorporate cybersecurity planning from the word go.