“What you cannot see, you cannot protect”. So says Bassam Khan, Vice President at Gigamon, the leading network security firm.
His warning takes on even greater meaning as governments rapidly transform their networks. Services are increasingly reliant on ever-faster networks, and the mad rush can lead to vulnerabilities and blindspots.
Government officials must adapt, Khan tells GovInsider. The best approach is to have complete visibility into every piece of data that goes across, and in and out of your networks, he explains.
What is network visibility?
First, let’s set the scene. A rising trend is to use cloud services to build applications, benefiting from the speed and efficiency that cloud brings to the equation.
This new way of working often requires that applications run on various different places at once, instead of just on one server. An application can be on the cloud and in the virtual world, while also connecting back to physical, on-premise systems and data. “Now we go from a program running on a server, to applications running on 20 different places at once,” Khan says.
Such highly distributed applications make it all the more complex to keep everything secure. With every new device or platform that you introduce to your network, you are introducing yet another “attack surface” or point of entry for cyber threats, Khan notes.
Cybersecurity tools of old – firewalls, for instance – cannot do their jobs effectively in this new, borderless environment. “The old method of monitoring doesn’t work anymore in the hybrid world; the only way to secure these apps is to look at network communications,” Khan asserts.
“The old method of monitoring doesn’t work anymore.”
Now let’s look at the network traffic, or data, streaming through these open environments. Your network monitoring and security tools are only as good as the data that reaches them, Khan explains.
Sometimes the data is too little for these tools to work with. Networks can suffer from ‘blind spots’: data that are inaccessible to network monitoring and cybersecurity tools because they are in remote locations, encrypted, or on cloud platforms. “It’s the ever-present needle in the haystack problem” he remarks.
And sometimes, the data is too much, overwhelming your cybersecurity and network monitoring tools, Khan notes. An onslaught of data is inevitable when networks advance to even greater speeds, he points out.
What’s more, ‘too much data to analyse’ is the number one factor cited by respondents in a recent cyberthreat defence report when asked what prevents their organisations from adequately defending against cyberthreats, he continues.
Your tools can’t fix what they can’t see: “Unfortunately, these tools often aren’t able to receive a complete picture of the overall network traffic.” Here, Gigamon helps to “centralise every bit of data in motion” within an organisation’s networks, and shine a spotlight on those that need the most attention, Khan says.
Cut through the noise
Even if the data in motion are on physical, virtual, or cloud environments, as is often the case for government, Gigamon’s tools can quickly assess large amounts of incoming data and route these data ‘packets’ only where they are needed. This way, your cybersecurity and network monitoring tools do not have to analyse irrelevant noise.
What’s more, Gigamon can extract intelligence out of the network traffic flowing through an agency’s systems, Khan says. “It will say, this is Spotify or email or MongoDB traffic.”
The upside is that with Gigamon’s tools, your IT folks spend less time on repetitive manual tasks involved with collecting and filtering data. “It frees up their time for research, analysis and planning,” Khan notes. Agencies also get more out of their existing tools, instead of blowing their budgets every time network traffic creeps upward, he adds.
On a broader, system-wide level, Gigamon effectively enables more robust cybersecurity. Agencies will be able to keep a close eye on data – and any potential threats – in real time, as packets move through networks, according to Khan.
Modern service delivery is fast, efficient, and citizen-centric – but it also means that it needs modern security strategies. The best way forward is to use a combination of security, monitoring and network visibility tools, and put your network traffic under even greater scrutiny, Khan concludes. The old adage – out of sight, out of mind – no longer applies.