Charles Gold has been appointed chief marketing officer for FireMon, the leading network security policy management company that brings visibility, control and automation to enterprise cloud and hybrid network infrastructure.
“Charles Gold brings trusted and proven leadership, cybersecurity and cloud industry knowledge, making him a fundamental addition to our executive team,” said Satin H. Mirchandani, president and CEO of FireMon.
“By working with Charles, FireMon will accelerate its momentum and market leadership globally as more enterprises look to automate their network security operations in the cloud, on-premise and in hybrid environments.”
In his role, Gold will drive marketing initiatives and go-to-market strategy to help fuel global growth, while strengthening FireMon’s position as the leading enterprise network security automation solution for complex and hybrid cloud environments.
His proven marketing leadership in advancing high-growth software companies will accelerate FireMon’s industry leadership position, sales momentum and channel distribution strategy worldwide.
“We’re experiencing a generational technology shift to cloud-based infrastructure and FireMon is uniquely positioned to facilitate a safe and secure transformation for the world’s largest enterprises,” said Charles Gold, chief marketing officer at FireMon.
“Having studied the space and spent time with the company, it’s clear why FireMon is the market leader. I’m thrilled to join the team.”
Prior to FireMon, Gold has led marketing, product management and business development efforts at market leading companies including Virtru, Sonatype, Progress Software and Red Hat.
He brings deep experience in demand generation, product marketing and branding. Gold received a BA in economics from the University of Virginia and a Master of Business Administration in finance from Wake Forest University.
FireMon plans to further its growth by accelerating channel partnerships, product innovation and international momentum. Supported by its deep channel relationships and legacy of market leadership, FireMon is well-positioned to expand its global customer base and help more enterprises improve network security as they undergo cloud migrations.
While enterprises rapidly transition to the public cloud, complexity is increasing, but visibility and team sizes are decreasing while security budgets remain flat to pose a significant obstacle to preventing data breaches, according to FireMon’s 2020 State of Hybrid Cloud Security Report.
“As companies around the world undergo digital transformations and migrate to the cloud, they need better visibility to reduce network complexity and strengthen security postures,” said Tim Woods, VP of Technology Alliances for FireMon. “It is shocking to see the lack of automation being used across the cloud security landscape, especially in light of the escalating risk around misconfigurations as enterprises cut security resources. The new State of Hybrid Cloud Security Report shows that enterprises are most concerned about these challenges, and we know that adaptive and automated security tools would be a welcomed solution for their needs.”
While enterprises increasingly transition to public and hybrid cloud environments, their network complexity continues to grow and create security risks. Meanwhile, they are losing the visibility needed to protect their cloud systems, which was the biggest concern cited by 18 percent of C-suite respondents, who now also require more vendors and enforcement points for effective security.
The 2020 FireMon State of Hybrid Cloud Security Report found that:
- Business acceleration outpaces effective security implementations.
- Nearly 60 percent believed their cloud deployments had surpassed their ability to secure the networks in a timely manner. This number was virtually unchanged from 2019, showing no improvement against a key industry progress indicator.
- The number of vendors and enforcement points needed to secure cloud networks are also increasing; 78.2 percent of respondents are using two or more enforcement points. This number increased substantially from the 59 percent using more than two enforcement points last year. Meanwhile, almost half are using two or more public cloud platforms, which further increases complexity and decreases visibility.
Despite increasing cyberthreats and ongoing data breaches, respondents also reported a substantial reduction in their security budgets and teams from 2019. These shrinking resources are creating gaps in public cloud and hybrid infrastructure security.
Budget reductions increase risk: There was a 20.7 percent increase in the number of enterprises spending less than 25 percent on cloud security from 2019; 78.2 percent spend less than 25 percent on cloud security (vs. 57.5 percent in 2019). Meanwhile, 44.8 percent of this group spent less than 10 percent of their total security budget on the cloud.
Security teams are understaffed and overworked: While the cyberattack surface and potential for data breaches continues to expand in the cloud, many organisations trimmed the size of their security teams – 69.5 percent had less than 10-person security teams (compare to 52 percent in 2019). The number of 5-person security teams also nearly doubled with 45.2 percent having this smaller team size versus 28.5 percent in 2019.
Lack of automation and third-party integration fuels misconfigurations
While cloud misconfigurations due to human-introduced errors remain the top vulnerability for data breaches, an alarming 65.4 percent of respondents are still using manual processes to manage their hybrid cloud environments. Other key automation findings included:
Misconfigurations are biggest security threat: Almost a third of respondents said that misconfigurations and human-introduced errors are the biggest threat to their hybrid cloud environment. However, 73.5 percent of this group are still using manual processes to manage the security of their hybrid environments.
Better third-party security tools integration needed: The lack of automation and integration across disparate tools is also making it harder for resource-strapped security teams to secure hybrid environments. As such, 24.5 percent of respondents said that not having a “centralised or global view of information from their security tools” was their biggest challenge to managing multiple network security tools across their hybrid cloud.
By harnessing automated network security tools, robust API structures and public cloud integrations, enterprise can gain real-time control across all environments to minimise challenges created by manual processes, increasing complexity and reduced visibility. Automation is also the antidote to shrinking security budgets and teams by enabling organisations to maximise resources and personnel for their most strategic uses.
As the technologies we rely on continue to evolve, they are growing at a rate that outpaces our ability to protect them. This increasing risk potential necessitates a change in approach and the ability for organizations to automate more of their network security operations to reduce their cyber-attack surface.
One of the primary ways this issue is compounded is from the widely acknowledged labor shortage of IT security specialists, which results in overworked resources and increases in misconfigurations caused by human errors. Security analysts and engineers spend the vast majority of their time worrying about vulnerabilities, but Gartner believes that through 2023, 99 percent of all firewall breaches will be the result of misconfigurations, not flaws. IBM also noted in a recent survey that a 424 percent increase in data breaches due to cloud misconfigurations were caused by human errors.
Recognizing these findings, the need for enterprises to automate network security policy management processes to reduce human errors and improve efficiencies is proven, but some organizations are still leery of making the automation transition for fear of losing control over their IT security visibility and decision making. Luckily, they don’t need to choose between automation and maintaining control.
Organizations can protect against these concerns by beginning with a form of automation that matches their current IT security capabilities, then advancing to increasing methods of automation as their confidence and technical maturity level grows.
Improve network control, reduce complexity and errors
Some organizations may believe that automating network security operations will reduce their visibility and control over policies, change processes and ability to comply with security and privacy regulations. However, automation can actually provide more control by eliminating guesswork and manual management for these areas, which reduces the likelihood of misconfigurations and increased risk.
Network security policy automation provides numerous benefits to organizations including minimizing human error; increasing operational efficiency while reducing security costs; streamlining the friction between DevOps and SecOps; increasing overall security agility; and decreasing compliance violations by proactively checking against regulation and internal compliance measures prior to implementing new changes.
Create a customized approach to network security automation
I recognize that not every organization is ready to fully automate security processes out of the gate. Therefore, I recommend they first acknowledge their current IT security maturity and then define how they want to evolve their automated processes over time. These decisions should be based on the company’s business goals, staffing resources, customer needs and technical sophistication.
The next step is to place the company on an automation transformation curve to determine its technology advancement path. I like to think of the automation spectrum as having four key stages, which improve security process time and efficiency:
1. Design Automation: Offers a basic level of automation, where security specialists still manually monitor and react to environmental changes. Meanwhile, the automated system provides intelligent design recommendations to suggest network security improvements, and auto-generated compliance and risk-scoring reports to improve workflows and correction time.
2. Implementation Automation: Continues to improve speed and efficiency by also providing automated network security rule implementation, verification and documentation. This stage is still primarily driven by operator control but increases automation to enable security specialists to direct their attention to more critical needs.
3. Zero-Touch Automation: The network system now monitors and reacts to environmental changes, but the security specialists remain in control of global policies. At this stage, implementation changes are deployed to all devices automatically, and intent-based standards and golden rule guardrails can be easily defined to alleviate time-consuming routine changes.
4. Adaptive Security Enforcement: For some time, our industry has considered zero-touch automation the end-state, but now a new stage goes beyond this type of automation to create a truly adaptive network security model. This automation approach is scalable across systems and automatically recalibrates global security policies as it auto-detects any underlying network and infrastructure changes. This approach also enables businesses to maintain control over security operations, while maximizing efficiencies and gaining continuing compliance with security policies.
This multi-staged approach allows organizations to match their pace of automation to meet their current network security capabilities and future ambitions. To determine where to start, enterprises should survey the type of processes they want to fully automate, partially automate or remain untouched. Then the company can automate within their comfort level to move as fast as their systems allow.
Explore the next frontier of network security automation
I believe that the new frontier of network security automation will help enterprises move beyond zero touch implementation to continuously adapt their security processes to gain real-time visibility and control over global network changes, achieve new levels of efficiencies, and free up IT security resources for more strategic initiatives.
This adaptive network security model also provides the flexibility needed to respond to critical incidents and apply additional changes across all environments as they occur. Businesses shouldn’t have to make a choice between speed or security, and by continuously monitoring and adapting their network systems, protecting global polices across all environments and maintaining compliance, they wouldn’t have to make any tradeoffs.
There is an automated network security policy management solution that meets the needs and capabilities of every organization. Organizations don’t need to fear automation as a threat to lose control or visibility over their hybrid network environments. By selecting the right form of automation for their current needs, enterprises can reduce human errors and improve their security agility now while they prepare for the future.
Enterprises are slow to abandon manual processes, despite being short staffed, as the lack of automation, coupled with increasing network complexity risk and lack of visibility contribute to costly misconfigurations and increased risk, a FireMon report reveals. The report features feedback from nearly 600 respondents, including 20% from the executive ranks, detailing ongoing firewall operations in the spectrum of digital transformation initiatives. “In an age of increasing data breaches caused by human error, it is … More
The post Network complexity and lack of visibility contribute to misconfigurations and increased risk appeared first on Help Net Security.