Why cybersecurity can make you feel lost in space


Cybersecurity has been a hot topic for years. With many high-profile breaches, malware attacks, and pricey payouts, it’s no wonder why companies continue to add more and more protection for their IT systems.

Despite this, hackers continue to succeed at exploiting vulnerabilities. Why are there still vulnerabilities in the first place? All it takes is one weak spot and one bad actor (looking at you, HAL 9000) to lock you out and leave you scrambling to regain control.

In this post, we’ll cover how network infrastructure has evolved in the past decade, why cybersecurity can make you feel lost in space, and what you can do to achieve holistic protection.

 

How network infrastructure evolved

The movie 2001: A Space Odyssey predicted that by the year 2001, technological advancements would enable things like space travel and virtual conferencing. In reality, we were still rolling around in gas-powered cars or waiting for 56kbps dial-up connections to load our email inboxes.

Times were simpler, but that also meant that network infrastructure and cybersecurity were simpler. Most people would go to work at a physical location like an HQ or branch office, and distributed or remote work technologies were very much in their infancy. This meant that network infrastructures were simpler and more localized, usually requiring only an MPLS connection from the off-site data center (if the company had one) to its branch offices. Cybersecurity was simple: it was either inherent to the connection type (like MPLS), or required something like a basic firewall or encryption method.

Network architecture showing simplicity of data center connected via MPLS to branch office

Fast forward more than 20 years, and the network infrastructure common to 2001 is barely recognizable. With customers and employees demanding companies adapt to their on-the-go and remote-work lifestyles, the network infrastructure exploded, causing a sort of Big Bang of cybersecurity as we know it today.

Network architecture showing complexity of data center, CDN, remote user, branch office, all connected via many paths

Modern networks need to serve many branch offices and remote locations, and the only way to succeed is by incorporating a myriad of on-prem, cloud, and SaaS solutions. This creates a hybrid infrastructure of data, security, networking, and computing distributed everywhere. In other words, the attack surface continues to expand much like the universe itself, and security professionals have been struggling to contain all the vulnerabilities left in its wake.

 

Why cybersecurity makes you feel lost in space

You might relate to Frank Poole. In the movie, the HAL 9000 supercomputer leads Frank to perform a spacewalk in order to repair a portion of their ship. While Frank floats toward the ship, the corrupted HAL takes control of an EVA pod and slams it into Frank, causing him to tumble helplessly through the black void of space and eventually meet his demise.


Trying to secure your IT infrastructure can make you feel just as helpless and out of control. That’s because cybersecurity presents several challenges that make it difficult to gain your footing. And with last year’s executive order regarding zero trust security, cybersecurity seems even more daunting as previous protection methodologies are becoming wholly obsolete.

Here’s a brief look at some of the challenges of modern cybersecurity.

 

Too many products

Regardless of your industry, there are so many security products to choose from that it can easily feel like you’re floating amongst an endless sky of stars. It’s difficult enough choosing properly secured servers, routers, storage devices, and other physical equipment. Add on the other crucial pieces of the modern network architecture, and it’s easy to make a full-time job of researching, comparing, and selecting the right cloud and SaaS security products. Here’s a list that barely scratches the surface of the different types of security products to choose from:

  • Firewalls & next-gen firewalls (NGFWs)
  • Security information and event management (SIEM) systems
  • Identity and access management (IAM) products
  • Pen testers
  • Data analytics
  • Intrusion prevention and detection systems (IDPS)
  • Endpoint protection apps
  • Database security solutions
  • Ransomware/malware detection and removal
  • Authentication and single sign-on

 

Too many vendors

All of these products have to originate from somewhere, which brings us to the next challenge: there are too many cybersecurity vendors to choose from. This isn’t necessarily a bad thing, since competition creates better products, but it does complicate the cybersecurity professional’s journey to achieving holistic protection.

Recently at RSA Conference 2022, for example, there were 450 security exhibitors present, 70 of which were funded well enough to afford the cost of a booth. During the show, many discussed that in the previous 18 months there were 1,800 new cybersecurity vendors that received funding to be installed in networks. The TL;DR — this multi-vendor ecosystem will persist (and probably grow even more), and so will the challenge of achieving holistic security.

Of course, everyone wants the best of the best, which might draw your attention to staples like Cisco, Fortinet, and Palo Alto Networks. But because the modern hybrid infrastructure is so diverse, there are now many niche products available from thousands of vendors. In fact, CyberDB compiled a database that includes more than 3,500 security companies from the United States alone.

Here’s a graphic that puts into perspective just a fraction of the available vendors:

so many security vendors

 

Too many gaps

The third and most important challenge stems from the first two above: there are just too many security gaps to address. Part of this problem is due to the diversity of hybrid infrastructure. But once you’re able to identify the gaps, you’ll find that addressing them will more often than not create even more gaps.

That’s because there’s no single vendor or suite of products that provides holistic cybersecurity. You deploy a variety of products but inevitably run into interoperability issues, which only create more vulnerabilities as you add more solutions to address these gaps.

What you end up with is a plethora of solutions that are secure themselves, but that don’t provide protection for your infrastructure as a whole.

 

How to achieve holistic cybersecurity

Achieving holistic cybersecurity requires many different solutions to work together, much like all the systems that power a spaceship. Rather than focusing on a few gaps, addressing them, and seeing what happens, you need something that can tie everything together into a fully cohesive system. This requires a cybersecurity platform that can eliminate interoperability issues so you can successfully assemble the security solutions that suit your unique requirements.

Some security giants may claim to already have such a platform, but in reality they only offer API integration and stat/log sharing. This still forces you to buy everything from them and their small selection of technology partners (if any). This is a less obvious form of vendor lock-in, when what you really need is the freedom to buy, deploy, and operate any product from any vendor.

Nodegrid is this platform for freedom and flexibility. Nodegrid hardware is built around security, with features like secure boot, encrypted disk, TPM 2.0, and geofencing that enable zero trust methodologies. But the main engine of this Cybersecurity-as-a-Platform (CaaP) is the onboard Nodegrid OS. This Linux-based operating system is capable of hosting third party security applications of your choice, along with automation and orchestration tools that help you bring everything together.

cybersecurity as a platform with Nodegrid

This means you can run your Cisco SIG CDFW, Horizon3.ai pen test, ThousandEyes agent, and Netskope ZTNA publisher — or other solutions you choose. And you can orchestrate everything from intrusion detection to event triggers and automated responses using tools of your choice, like SaltStack, Ansible, StackStorm, and others.

 

See CaaP in action with a quick demo

Set up a quick meeting with us to demo Cybersecurity as a Platform. We’ll show you how to deploy Cisco SIG/Umbrella and ThousandEyes agents using Nodegrid.