Confucius once said, “Life is really simple, but we insist on making it complicated.” For those of us in cybersecurity professions, we can easily relate to this philosophy. Cybersecurity has become exceedingly complicated in recent years, and the complexity might now be our biggest vulnerability. IT is evolving rapidly, but IT security is often left […]
Confucius once said, “Life is really simple, but we insist on making it complicated.” For those of us in cybersecurity professions, we can easily relate to this philosophy. Cybersecurity has become exceedingly complicated in recent years, and the complexity might now be our biggest vulnerability.
IT is evolving rapidly, but IT security is often left playing catch up in order to adapt to the changes in how businesses approach and deploy computing, applications, networks, databases, and devices. Many organizations rely on best practices such as defense in depth, secure development lifecycle, penetration testing, separation of duties, etc. However, these tactics do not allow cybersecurity to move at business speed, and they contribute to the lag in IT security.
When a company adopts a brand new IT tool, feature, or capability for the purpose of speeding productivity or saving money, security teams are tasked with securing the new item immediately. But how can they be expected to do this when the available technologies are not yet equipped to specifically address the new security need? Many turn to piecemeal solutions that require the layering of security technologies, which are often layered over even more outdated security solutions. On the surface, this approach sounds crazy, yet this is the reality cybersecurity teams face everyday.
Let’s look at network security practices, for example. In recent years, organizations have helplessly watched the network perimeter – a key component in securing an organization from threats – dissolve.
Organizations now rely on mobile workforces, multiple physical locations, and the Cloud for mission critical business operations. Yet many organizations continue to rely on traditional network security practice like firewalls, appliances, and various point solutions. Each layer, device, and solution then requires its own policy, continuing to bog down already overwhelmed security teams. In the end, this creates complexity that leaves organizations more vulnerable than they’d like to think. The more security layers there are, the more opportunities a hacker has to find a weakness. This complexity and inefficiency is particularly risky considering that cyber attacks are at an all time high.
So what’s stopping organizations from scraping away the layers and addressing the core issues? Possible, a fear of simplicity. As Confucius identified, we humans are inherently complex. In the case of network security, we also have an unhealthy dependency on hardware and appliances, as many go by the ‘wait and see’ approach in regards to cloud adoption. In order to make progress, we need to come out of our comfort zones, accept that the network perimeter is gone, and admit that a layered security strategy is flawed. Think simple, and make changes that bring back cybersecurity back to the basics:
● Strive to reduce workload on critical IT resources
● Reduce policies and configurations that need to be maintained in order to reduce attack surface
● Adopt faster, automated adaptability to seamlessly keep up with new threats
Thinking simpler about cybersecurity is not that hard. The same dynamics that created today’s cybersecurity challenges, like the Cloud, virtualization, and software can now be used to conquer complexity, if used correctly. Let go of complexity and achieve cybersecurity enlightenment – Confucius would be proud of you (and you might even sleep better at night).
About the Author:
Ofir Agasi is Director of Product Marketing at Cato Networks with over 12 years of network security expertise in systems engineering, product management, and research and development. Prior to Cato Networks, Ofir was a product manager at Check Point Software Technologies, where he led mobile security, cloud security, remote access and data protection product lines. Ofir holds a B.Sc. degree in Communication Systems Engineering.
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2020
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Anticipating The Coming Wave Of AI Enhanced PCs
FEATURE | By Rob Enderle,
September 05, 2020
The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
August 14, 2020
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
