What is Cybersecurity Mesh Architecture and Why Does it Matter?

When they think of "cybersecurity," most people probably think of antivirus software, firewalls, and other ways to protect computers against attacks. However, as we increasingly rely on technology to run our businesses and connect with the world, the need for robust cybersecurity goes far beyond desktop protection. In this blog, I will discuss one key aspect of cybersecurity that is getting some new attention: cybersecurity mesh architecture. I will explain what it is and why it matters for building a sustainable cybersecurity program. Let's dive in!

Out With the Old

Complexity continues to be a challenge when building out our cybersecurity programs. During my time as a CISO, I had the benefit (and burden) of building an enterprise cyber program from the ground up. I have learned along the way that even mature, well-funded organizations have complicated environments, often born from years of siloed threat management. But the industry is finally catching up with what many of us "in role" have known for years: traditional security approaches that were built on specialized point products (often operated in silos to defend our organizations in a reactive and particular manner) no longer work in today's modern threat landscape. This single-threat, bolt-on approach has terrible ROI and can leave considerable gaps in coverage and visibility. This antiquated strategy is ill-suited to the rapid, distributed nature of most modern enterprises.

Defending a modern enterprise requires a new approach that treats security as an ecosystem, rather than as a collection of siloed solutions. These products usually cannot communicate with each other, so they end up causing expensive gaps in coverage. As more assets are moved to a multi-cloud environment, it is becoming easier for attackers to access them. IT leaders must start to think of security as a platform, where everything works together. Gartner has coined this holistic, platform approach a "Cybersecurity Mesh Architecture," or CSMA, defined as, "provides a foundational support layer that enables distinct security services to work together to create a dynamic security environment." VMware emphasizes this distributed service approach and knows that security solutions should be built into the environment that needs protection and use contextual information to help prevent attacks. A CSMA should help simplify management, unifying administrative tools and bringing together disparate security teams.

Why CSMA?

I know firsthand that the number of tools and solutions vying for limited security budgets proliferates every day. How can an enterprise IT organization gain ground against the deluge of data, threats, and alerts? The answer lies in securing the right platform, and consolidating tools where it makes sense. You might begin by asking: How do we connect the different cybersecurity tools? Is there overlap in capabilities? Can I consolidate? There are so many tools out there, every customer has 20 or 50 or 100. How do we connect them in a way that makes the system more intelligent? CSMA gives you the ability to leverage a reduced vendor footprint while deploying best-in-class solutions through integration.

VMware understands that customers have made prior investments in their security stack and a big-bang replacement is rarely possible out of the gate, so integration between existing security tools and the VMware Platform is a key principle of our solution architecture. I often tell customers, "We help your security program establish a better defensive posture using what you already have and leveraging our solutions to address any gaps."

CSMA Enables Zero Trust

The concept of zero trust boils down to limiting access: how do we validate and authenticate appropriately and provide the minimum level of access needed to perform a task? Where zero trust is the strategy, CSMA is the tactic that connects all the security capabilities and the contextual data to implement zero trust. CSMA enables visibility into a variety of different data inputs-the user, the time of day, the geolocation - while we query their role within the organization and the data that they are trying to access. This architecture allows us to collate all this information together into a rich pool of contextual data that we can draw from, we can report on, we can alert on, and we can make informed security decisions from. Cybersecurity mesh architecture is bringing a next generation of intelligence to cybersecurity: a zero-trust environment to help organizations be more secure in a way that does not negatively impact the consumer.

Reduce the time to value with VMware and CSMA

VMware's platform approach helps bring your existing security tools into greater alignment with CSMA principles by exploiting prebuilt integration options where they add value to your specific risks and threats landscape. Organizations who use this approach gain improved security analytics, an identity fabric, consolidated security policy, vulnerability management, and incident detection and response packaged nicely with consolidated dashboards. If you want to take your enterprise security to the next level, adopting a CSMA platform is a great way to start. So why wait? Get started on strengthening your organization's security posture today with CSMA.

For more on cybersecurity best practices in public sector, check out our blog on Zero Trust for government.

Public link

Please use the above public link if you want to share this noodl on another website.