Cyber Security: Defend Everything. Defend Nothing.
Frederick the Great, the legendary military leader and King of Prussia, once famously told his generals, “He who defends everything, defends nothing.” In today’s cyber-security climate, these words have striking application as organizations face an unprecedented number of cyber attacks on every part of their respective enterprises.
According to PwC, the volume of cyber attacks grew 38 percent between 2014 and 2015. Even more alarming is the fact that these attacks are consistently becoming more sophisticated and more successful. One firm, the Ponemon Institute, has estimated the cost of cyber crime to U.S. businesses has risen 82 percent over the past six years.
Determining how best to defend against this avalanche of cyber attacks is a key priority for every organization moving forward. But, perhaps surprisingly, many organizations are finding it challenging to develop a coherent strategy. A recent global survey of C-suite business executives (CEOs, COOs, CFOs), and leading security executives (CIOs and CISOs), revealed that while business leaders tend to think strategically and long-term, security leaders prefer a tactical approach to security, one that focuses on individual solutions to each possible attack.
The problem with this tactical approach is that the amount and type of attacks is continually growing and evolving. By trying to defend attacks on all fronts individually, cyber security teams find themselves in the unhappy place Frederick the Great warned his generals against. Cyber security becomes a game of Whack-A-Mole, in which corporate defenses cannot be proactive and instead must simply react to the newest and biggest threat. The sheer number of successful cyber attacks alone is proof that this reactive, tactical approach to security has reached the limits of its effectiveness. It’s time for a new approach.
A Strategic Architectural Approach to Security
What’s needed is a more strategic architectural approach to cyber security that would align a firm’s security strategy with its most important security priorities. For most firms, the most precious asset they have, according to the EIU survey, is the trust of their customers. Any holistic, strategic cyber security plan begins here.
A flexible, architecture-based defense allows your IT department—once notification of an attack has taken place—to identify, mitigate, and contain the attack. Data breaches are like diseases; if you can spot and treat them early, you can reduce the gravity of the effects.
Transforming Security with VMware NSX
VMware NSX offers organizations the new, architecture-based security solution they need to defend themselves against the growing number and types of cyber threats. As VMware CEO Pat Gelsinger explained in his recent RSA 2016 keynote, VMware NSX network virtualization offers organizations the alignment and ubiquity needed for a true security architecture that defends across compute, network, storage, and even clouds. The micro-segmentation made possible by these NSX capabilities transforms security by creating the proactive, strategic defense needed to protect an organization’s most valuable assets.