Don’t be left behind by the unraveling of the enterprise

The C-Suite Report: Business and Security Strategies for the Unbound Enterprise

For IT and security, SaaS and SASE are as common in the everyday vernacular as Zoom and instant message.

These apps are everywhere and so are our employees. We have a new class of aptly-named anywhere workers that corporate cybersecurity teams have to support. As a result, security today has to get closer to the data and the person—an employee, contractor, partner, or customer—working at the edge of our enterprise.

Protecting the unbound enterprise without getting in the way of productivity is something I have been thinking a lot about, particularly since joining Forcepoint as CEO.  

Companies are more dynamic and productive in this SaaS-based world, driven by employees who demand it. The world is unabashedly digital. Services are ubiquitous. This is the world we call the “unbound enterprise.”

I’d love it if you would spend a few minutes watching our fireside chat and sharing your feedback, but if you can’t, here’s a recap:

The ways in which security must evolve to protect the unbound enterprise was also the theme of my keynote at RSA 2021 yesterday (watch it below).I had the pleasure and the privilege of discussing these issues in a fireside chat hosted by UK tech journalist Georgie Barrat.

• Where organizations really struggle today is knowing where the perimeter really is.

The perimeter is no longer the corporate network—it’s the individual and data. Employees are working from home, in hotels, or depending on your geography in the office of a customer or partner. The data people are accessing and using are inside a private data center or part of a public cloud. As data consumption has physically changed to “anywhere”, security now has to be “everywhere.”

• Hackers and attackers are always trying to exploit a change in our environment.

Remote work has exponentially increased the attack surface. Last year, there were about 46,000 phishing sites coming online every week, bad actors going after users. The threat of ransomware is as foreboding as nuclear winter during the Cold War (remember those days?). Even industries that aren’t traditionally digital are under attack, as we’ve seen with critical infrastructure such as Colonial Pipeline.

• Security must evolve to account for the vagaries of user behavior.

Traditionally, security was binary. Users or their actions were either good or bad. Today, understanding the nuances of behavior and the intent of users is critical, table stakes in practical terms. The only way we can move left of breach or data exfiltration is by gaining the richness and context delivered in understanding user intent.

• How you deliver security to the right place and right time is the real challenge.

Today’s reality is hybrid. For compliance or competitive reasons, our customers and partners must continue to maintain private apps, so we must deliver the same level of comprehensive security service regardless of whether the app is on-prem or cloud. To do this, we need to provide a unified enforcement policy to protect data wherever it is accessed.

Together, we must bring security frameworks forward to enable the unbound enterprise.

Today’s reality is hybrid. For compliance or competitive reasons, our customers and partners must continue to maintain private apps, so we must deliver the same level of comprehensive security service regardless of whether the app is on-prem or cloud. To do this, we need to provide a unified enforcement policy to protect data wherever it is accessed.