On the campus at Stanford Business School is a plaque engraved with a quote from Phil Knight, graduate of the business school and co-founder of Nike. I've visited the campus many times, and each time the words stop me in my tracks.
"There comes a time in every life when the past recedes and the future opens. It's that moment when you turn to face the unknown. Some will turn back to what they already know. Some will walk straight ahead into uncertainty. I can't tell you which one is right. But I can tell you which one is more fun."
Right now is such a moment for enterprise security.
Systemic challenges plague modern security operations teams. Lack of cohesive visibility across the attack surface, tool sprawl, siloed data, and rapid-fire alerts make it difficult to prioritize the most critical assets and identify the most dangerous threats.
At the same time, the attack surface itself is rapidly evolving. The business-level mandate to move more and more workloads to cloud changes the parameters of the attack surface, disrupting old workflows and blowing past traditional perimeters.
As many enterprises are learning the hard way, applying old approaches and tool sets – ones that are already struggling to secure existing on-premises deployments – sets SecOps teams up to fail.
The traditional on-premises model uses a perimeter-based approach to security, focusing on keeping the bad actors out as opposed to detecting what's happening within. But as many enterprise security teams have learned the hard way, this model is ill-suited to the threat landscape in the cloud and across the hybrid attack surface.
Threats are not just malicious actors that make their way in. They are inside actors. They are misconfigured services. They are shadow workloads containing sensitive enterprise data. In the world of cloud, the perimeter is obsolete.
The reality of cloud requires an inside-out approach to security. And just as the cloud provides a greenfield opportunity for DevOps and IT Ops teams to scale and grow, it also represents a new beginning for SecOps. Rather than retrofitting old tooling and architectures for the cloud, SecOps teams should embrace the opportunity to build a cloud-first security strategy, one that can be used not only for cloud deployments, but to improve security across the entire hybrid attack surface.
Twenty years ago, the rise of the internet upended the world of business. It took down Fortune 500 companies and catapulted start-ups to multi-billion-dollar valuations. The businesses that grew, survived, and thrived in that new reality walked straight ahead into the unknown. They embraced the future. Those that turned back… well, that's a different story.
Cloud upends the traditional enterprise security model. Organizations that embrace the scale, efficiency, and growth it enables must also take a cloud-first approach to security. The past is receding. The future is calling. Will you answer?
ExtraHop is first and foremost a security company. Our position as a passive observer within the enterprise network gives our customers unmatched visibility from the inside, out. It also means that we can be everywhere the attack surface exists – not just the data center, but the cloud, the branch office, and the device edge. No matter how abstracted the network becomes, it is still the connective fabric over which every device and system – benign or malicious – communicates.