“When you’re finished changing, you’re finished.” These words are as true today for our security industry as they were when one of my heroes, Benjamin Franklin, printed Poor Richard’s Almanac. We can’t fight change. We have to constantly evolve or else we’re obsolete.
Today, we have more bandwidth and digital innovation than ever, which creates more risk and complexity. Companies are changing how they work: nearly seventy-five percent of employees are working remotely, either full-time or part-time. There are more mobile device connections than there are people on the planet, and the average enterprise has 288 different SaaS apps. Likewise, the average CISO is managing 50 or more products.
Imagine working as part of a security team having to have visibility and control over every hybrid worker’s interaction with your company’s data in the web, in the cloud with one of those SaaS apps, and in private apps. How could they possibly do so from 50 management consoles opened on their Mac. It’s impossible, yet we expect our colleagues to do this every day. No wonder we have a talent shortage, while the cost of cybercrime keeps growing to cross $6 trillion annually.
Our industry has traditionally addressed security with a portfolio of point products. Security has become an alphabet soup of capabilities and features, and teams are chasing after different combinations of letters trying to prevent risk. If your people connect to a website, you need a Secure Web Gateway (SWG) to block them from accessing high-risk sites or download malware or upload sensitive data. If you connect to a cloud SaaS app, you need a Cloud Access Security Broker (CASB). And if you’re trying to access a private app like an ERP, you wouldn’t want the complexity or risk associated with a virtual private network; you’d want Zero Trust Network Access (ZTNA).
The old architecture required a perimeter, yet we know the perimeter has dissolved. The perimeter is now everyone of us working on a mix of company and personal mobile devices in the office or anywhere with a Wi-Fi connection. The old architecture is flawed, and it needs to change.
It’s time to simplify. Simplifying security doesn’t mean getting rid of or reducing capabilities. You still need a SWG or a CASB or ZTNA. But why do we have to treat accessing the web, the cloud, and private apps as silos, requiring different tools to manage them? We can simplify by unifying technologies into a single platform, providing just one management console to manage one set of security policies, and one unified endpoint agent.
I believe Forcepoint has taken a huge step to simplify security with today’s launch of Forcepoint ONE[LR1] . Forcepoint ONE makes it easier for you to implement Zero Trust with certainty, to stop ransomware and other malware in their tracks, to know your data is safe wherever you need it.
As Steve Jobs put it, “Simplicity is the ultimate sophistication.” To simplify anything is hard. After all, it’s been too easy for our industry to build out a conga line of products. Security has gotten too complicated, and it doesn’t need to be. Security should be simple to use and manage. I should know, because I was able to configure Forcepoint ONE by myself, using my Mac. Finally, security has an easy button!
By : Manny Rivelo, CEO, Forcepoint