Context is key! Why business risk observability is essential for sustainable cybersecurity

Joe Byrne, CTO Advisor, Cisco AppDynamics
1 year ago

Modern applications are under the constant threat of attack. Last year, Red Hat found that 93% of businesses had experienced at least one security incident in their Kubernetes environments in the previous 12 months. Of these, nearly a third (31%) went on to experience financial or customer loss.

What’s worse — such breaches are only set to increase as organizations across the globe ramp up their cloud initiatives. With reputation and revenues on the line, IT teams are facing unrelenting pressure. On one hand, they must bring new applications to market at ever faster speeds, while on the other, they must remain acutely aware that deployment of cloud native technologies is leaving their applications increasingly vulnerable to attack.

As governments in the Middle East outline their cloud-first policies, the security of containers and Kubernetes has become a top concern for DevOps, engineering and security professionals. This is encouraging, as in recent years, security programs haven’t kept pace with accelerated digital transformation. This is evidenced by a recent Cisco study in which 92% of technologists admitted that rapid innovation during the pandemic has come at the expense of robust application security.

The problem is only set to get worse. With Gartner predicting that 95% of new digital workloads will be deployed on cloud native platforms by 2025, we can expect bad actors to increasingly look to exploit vulnerabilities within Kubernetes environments.

IT teams that are already struggling to secure applications urgently need to find a more sustainable approach to manage this heightened level of threat. For most, this will mean embracing new security approaches and tools.

Growing attack surfaces require IT teams to think about an application security refresh
Much like the users they serve, applications today are becoming increasingly distributed. This expands the potential attack surface area dramatically. Whether it’s greater deployment of Internet of Things (IoT) and connected devices or new hybrid working models, technologists are having to contend with an ever more fragmented and complex security landscape. The sheer volume of applications spread across microservice-based application architectures has made monitoring security throughout the DevOps pipeline extremely challenging.

Moreover, the ability of many IT teams to identify and pinpoint vulnerabilities is greatly inhibited by the gaping visibility gaps that exist across their Kubernetes environments. The move to cloud native technologies has exposed the shortcomings of traditional vulnerability scanning solutions. Two thirds of technologists report that their current security solutions work well in silos but not together, meaning that they can’t get a high-level view of how a vulnerability could impact critical application components, nor can they assess which issues represent the biggest risk to the business.

The rise of modern, cloud-native applications has also highlighted the lack of collaboration between development, operations and security teams, which in many cases has resulted in security being treated as an afterthought.

Business risk observability: a need for technologists to manage application security
The challenges outlined above call for a new approach to managing application security. IT teams can no longer afford to worry only about the next potential breach. Rather, they need to lay the foundations for a more sustainable approach to innovation. They must come together with development and operations teams to effectively tackle security within Kubernetes environments and to reap the full benefits of modern application stacks over the coming years.

To achieve this, organizations need expanded visibility into cloud-native environments, and they need business context on their security intelligence.

This is where business risk observability comes in to offer an effective solution. This paradigm enables IT teams to locate and isolate security issues across application entities, whether that’s business transactions, services, workloads, pods or containers. Being able to correlate security issues across application entities allows technologists to reduce metrics such as mean time to detect (MTTD).

However, on its own, this level of unified visibility isn’t enough. IT teams also need to be able to group and filter vulnerabilities based on entities in order to view a prioritized list of the vulnerabilities that could affect a core area of the application. And they still need a way to cut through the crippling data noise to focus their attention on the issues that matter most.

Business risk observability offers context by combining security intelligence with application performance data. This enables IT teams to assess and prioritize risk and remediate security issues based on potential business impact. A business risk score highlights which business transactions present the greatest risk to the business. For instance, technologists can immediately see the sensitivity of customer data associated with a particular business transaction. It means that overworked security teams prioritize far better, thus instantly becoming more effective.

Perhaps most importantly, business risk observability provides a platform for greater collaboration within the IT department. It enables application and security teams to break out of their silos and come together around a single pane of glass for all application availability, performance and security data. Security, once an afterthought, can then be embedded into the application lifecycle from the outset. This is absolutely essential given the threats that every business now faces.

As organizations continue to churn out ever-growing numbers of applications, the case for business risk observability becomes increasingly clear. As many as 93% of technologists believe that it’s now important to be able to contextualize security and to prioritize vulnerability fixes based on potential business impact. IT leaders now need to implement the right tools and processes to accelerate this transition. Get it right and they can mitigate risk for their organization, while also creating a platform for accelerated and sustainable innovation in the future.
