When we talk of some of the imminent security threats, among others, ransomware and supply chain attacks emerge as the top challenges followed by the security of data/apps in the cloud and so on.
And when we talk of some of the emerging security frameworks, perhaps SASE (Secure Access Service Edge) would stand atop the list. The concept of SASE, as a tech framework to deliver security controls in the cloud directly to the source of connection, was introduced by Gartner fairly recently. For clarity, it combines a lot of elements in one framework including SD-WAN, CASB (Cloud Access Security Brokers), Secure Web Gateways, Antivirus, VPN, Firewalls, and DLP – delivered as a cloud service. The reason why SASE gained momentum lies in its simplicity – eliminating the need for multiple products. Companies that deploy SASE have to deal will lesser security policies.
Gartner estimates that about 60% of enterprises will have a clear SASE roadmap by 2025. This number was merely 10% in 2020. Also, SASE adoption gained momentum due to widespread adoption of Zero Trust Network Access capabilities.
Smruti Gandhi, Executive Editor, dynamicCISO, in her recent meeting with Anurag Kahol, SVP Secure Services Edge, Forcepoint India Innovation Center ,spoke on a multitude of issues including the company’s newly launched India Technology Center, Forcepoint One – its flagship cloud platform and more.
Read the excerpts below:
DynamicCISO (DCISO): Forcepoint recently launched the India Technology Center of Excellence/Innovation Center. Tell us more about it.
Anurag Kahol (AK): Forcepoint India Innovation Center (IIC) is our latest, state-of-the-art technology center of excellence in Mumbai. This center helps accelerate our mission to simplify security. Converging cybersecurity and the cloud, we want to further the culture of innovation.
Positioned as a global security R&D center, we’ll tap on the brilliant technological and engineering talent to make Forcepoint’s Security Service Edge (SSE) platform more pervasive, robust, and futuristic. Initially. We’re planning to hire over 200 software architects, cloud developers, DevOps engineers, and quality assurance experts. We are committed to a human-centric culture and environment at Forcepoint that promotes inclusivity, variety of thought, mutual respect, and dignity in all parts of our life.
DCISO: Gartner first coined SASE (Secure Access Service Edge) in 2019 and soon after got on to a new acronym SSE (Security Service Edge). How important is SSE in today’s context? How is Forcepoint working to enhance its capabilities?
AK: SSE’s main objective is to safeguard apps and data by constructing a pervasive cloud edge that covers all methods of accessing them. This pervasive edge is provided by an SSE solution, which allows businesses to implement consistent data security and threat prevention rules across their whole estate, including users, devices, locations, and apps.
SSE allows companies to simplify their security fabric by replacing various, specialized hardware devices with cloud-based services that provide similar capabilities. It integrates a jumbled array of point products, ensuring security while making it easier for business users to get to the resources they require. It’s an important cybersecurity upgrade for organizations. Forcepoint’s objective is to help customers decrease the administrative burden of the traditional point product-based approach and simplify the SecOps.
DCISO: Widespread adoption of cloud has widened the threat surface. How should CISOs approach cloud security in this changing paradigm?
AK: Most of the time, businesses can’t determine where the cloud service provider’s (CSP) responsibilities end and their own begin; leaving both customers and CSPs vulnerable to a variety of threats. Indeed, cloud expansion has increased the potential attack surface. Threats to cloud-based data can differ depending on the delivery models. Cloud computing is exposed to a number of security vulnerabilities, including the sensitivity of data assets, cloud architectures, and security controls in a specific cloud environment.
CISOs should focus more on overcoming fragmentation, risk-based prioritizing, and scaling remediation as far as cloud security is concerned. Whether it is private, hybrid, or multi-cloud, the attack surface has increased across. It is further complicated by the fragmented network, making it difficult to monitor, protect, and respond. Visibility, across cloud infrastructure, is a vital objective that CISOs should prioritize in order to overcome fragmentation and reduce cyber risk.
DCISO: With the launch of Forcepoint One, which integrates Zero Trust and SASE, you claim to be simplifying security. Can you explain, how?
AK: Because of excessive remote work, access to high-risk websites, and rampant use of unmanaged SaaS platforms from any device, simplifying security can be a very daunting task for any CISO today. Our all-in-one approach enforces rules and prevents unwanted information access or sharing with just one security policy. Forcepoint ONE all-in-one cloud platform simplifies security for both on-prem and remote workforces. It allows users to gain safe, controlled access to business information on the web, in the cloud, and in private applications.
Forcepoint ONE makes it easy for customers and partners to adopt Security Service Edge (SSE) by unifying crucial security services including Secure Web Gateway (SWG), Remote Browser Isolation (RBI), Content Disarm and Reconstruction (CDR), Cloud Access Security Broker (CASB) and Zero Trust Network Access (ZTNA). Integrated Advanced Threat Protection (ATP) and Data Loss Prevention (DLP) also keep malware out and protect sensitive data across business applications and BYOD devices, eliminating the need for fragmented products. With Forcepoint ONE, security teams can now manage a single set of policies across all apps, from one cloud-based console, through one endpoint agent, with agentless support for unmanaged devices.
DCISO: Do you think the industry is ready for consolidated security products/platforms like Forcepoint One? How will this change the way security operations work today?
AK: Consolidated security architecture is a multi-layered cyber security solution that defends most attack surfaces, networks, cloud, endpoints, mobile and IoT devices with the same threat prevention technologies, management services, and threat information. The challenges of increased connectivity and legacy security are addressed by integrated security architecture. It offers comprehensive threat prevention that closes security gaps, automates, gives real-time threat intelligence across all environments, and a unified security management platform for a more efficient security operation. Forcepoint ONE facilitates security for both conventional and remote workforces, allowing users to gain secure, restricted access to business data via the web, cloud, or private apps.
DCISO: Finally, talk about some future trends that the company is working on, and give us some idea of what to expect in the future?
AK: The battle between attackers and defenders is continuous, and getting fiercer. However, cybersecurity solutions have always been focusing on detection. A sizable investment has gone into finding innovative ways to detect incidents quicker, for them to be circumvented by equally innovative cybercriminals. This innovation rat race hasn’t eliminated or reduced threats like ransomware, and malicious codes which can lurk and stay hidden for months in a network, only to be activated at the right time.
In a world where the security perimeter has almost vanished, authentication and detection – even using principles like Zero Trust – just aren’t enough. You may know who is on a network, and what they can access but you might not know what they’re accessing and why.
Therefore, cybersecurity must shift to a principle of 100% prevention. If all content is treated as malicious to start with and sanitized accordingly, threats can be prevented before they even reach an inbox. Focus less on trying to detect or react to threats, and more on proactively preventing compromise. This is what we are working to achieve with Forcepoint ONE by moving security into a cloud-as-a-service model. It delivers capabilities at scale and gives enterprises a fighting chance against epidemic threats like ransomware.