CISOs need a spring clean

by Mark Rowe

Allen Downs, UK and Ireland Practice Leader, at the tech and cloud services company Kyndryl, writes about a simplified tech stack to secure your infrastructure.

Over the last two decades, cybersecurity has firmly taken centre stage. The frequency of cyberattacks has skyrocketed and high-profile breaches have been increasingly splashed across the headlines. All the shouting about data breaches has finally reached the ears (and the agendas) of the C-Suite. Business leaders have begun to heed the counsel of internal teams or third-party cybersecurity support and to invest in the tools, training and services needed to mitigate the worst impacts of a breach. But have they overcorrected?

While there isn't necessarily a 'right' and 'wrong' in cybersecurity, leaders aren't always able to make the best choices when it comes to investing in products and services. Decisions may be reactive, made in haste following a breach, or the result of a disconnect between teams, whether in their communication or in their differing needs for tools. Security technology is also often sold by vendors as part of broader technology packages that bundle in a number of other capabilities, so it isn't directly selected and purchased by the CISO. As a result, CISOs are likely to inherit a disconnected security stack made up of technologies that each target a single or narrow use case.

Whatever the motivator, too many organisations may be drinking from a cocktail of mismatched security solutions. With a non-complementary set of tools and services, it's very likely that the organisation's IT infrastructure will not be receiving the most effective cybersecurity protection. While it's widely acknowledged that no cybersecurity solution will be perfect (there will always be vulnerabilities), the conversation has moved past "how do we prevent an attack?" to "how do we survive one?". This is not to say that prevention is not worthwhile and necessary, but that we also need to focus on Disaster Recovery (DR) and, by extension, cyber resilience.

How do we define resilience?

Resilience at its most basic level requires a clear understanding of the "minimum viable organisation". This asks what the critical processes are that underpin each revenue stream, brand and business process; how much data we are willing to lose; how long each can be down for; and what the non-negotiables are. (In DR terms, the first two are the recovery point objective and the recovery time objective.) A proper resilience strategy looks at these things and builds a framework for ensuring that these baselines are kept to. Too often, though, executives don't know what those baselines are. The questions (almost) always relate directly to core business functions, and understanding how those functions are delivered requires, in effect, an end-to-end view of the entire data journey across the IT stack and through its interdependencies.

Building a more resilient IT infrastructure isn't an easy task and requires a multifaceted approach to help secure the overall organisation. It starts with a focus on integrating the (often plethora of) tools and technologies and on the overall outcome, rather than fixing issues on a case-by-case basis.

The easiest way to integrate different technologies in a tech stack is to simplify it. Put bluntly, CISOs need the opportunity to remove things and clean out the tech stack closet. Throughout this 'spring clean', CISOs need to identify the key capabilities the organisation requires and how they need to be linked. Everything outside that set can go.

There's a common misconception and unconscious bias within the technology community that more tech can solve our problems and that new products and solutions will be superior in some way to the old ones. Of course, cybersecurity teams and CISOs need to keep an eye on the latest developments. However, contrary to popular belief, this doesn't mean a new or updated piece of tech is needed every time a cyberattack, outage or other problem comes down the line.

In fact, as organisations add to their tech stack, there's a danger of silos forming, whether by function or location. Silos can significantly reduce overall visibility of an organisation's operations, making it challenging to gauge not only overall system health and efficiency, but also the state of its cyber protection.

The good news is that a tech stack can always be built upon and added to. However, beginning with a simplified base will allow IT teams to more easily manage the IT infrastructure, whilst laying the foundations for a more resilient future for the organisation.


© 2024 Professional Security Magazine. All rights reserved.