A Security Agent himself, Ted Ranft VP EMEA SDDC, Network and Security at VMware, sat down with us to share some of his insights for you.
Thanks for taking the time Ted. First of all, we wanted to ask what do you think are the biggest challenges facing Security Agents in organisations at the moment?
When it comes to securing systems, there are a number of challenges. The first is looking at the systems themselves, coping with elements such as legacy architecture, complex and regulated systems lacking the elasticity needed to stay secure against threats which may not have even been in existence when they were originally created. Modern IT organisations are shouting ever louder for agility, speed, and access. And with all of these, the risks increase – especially when it comes to speed. Reuters recently reported 77% of IT departments face pressure to release new technical projects despite there being security concerns.
Secondly, the need for increased movement in IT environments is also a worry. Movement in data centers is increasing, in part due to the portability of VMs and also for Disaster Recovery purposes, ensuring a secure storage of critical data. Additionally, the movement of whole applications is changing. It is no longer a one-time event but has become something that can take place daily, or even hourly. And this means yet more pressure on security.
Finally, the perimeter walls are expanding with increasing requests for interconnectivity and interdependent networks between partners, suppliers, consultants and joint ventures. This in turn is causing an expansion of the risk surface, increasing to the thousands, a potentially unmanageable number with existing traditional tools.
What can the Security Agent persona do to offer the most value to their business?
The Security Agent’s role is key as through their research and guidance the organise can design and architect systems with the appropriate levels of security, from the huge range of options in the marketplace. The key challenge for these individuals and teams is to improve security without reducing agility.
What should the Security Agent persona look out for at VMworld?
We’ve made tremendous progress in fulfilling the promise of microsegmentation. VMware’s solutions are new and architected in a way that is in alignment with today’s modern security threats. We offer a unique solution to the marketplace and the value we are delivering for our clients is further amplified by the rich eco-system of security partners who now integrate with our systems. It’s available today and can be implemented with very little disruption to the pre-existing network or security environment.
The key session at VMworld is PAR6415, which takes place Monday 12th October 3.30 – 4.30pm. In the session Andy Kennedy, System Engineer, Network Virtualization Platform at VMware, will discuss the elements which need to be considered as part of a holistic approach to implementing a security model in a cloud platform. He will also cover the existing portfolio and offer ideas of a different approach you may wish to consider in your next customer engagement.
What does the future hold for the Security Agent persona?
The role of the Security Agent is becoming more important and interconnected with the business. This is being driven by the increased volume of security threats and other factors.
The growing threat in both volume and sophistication of the threats is increasing. 2015 is already a year of note in terms of volume and ingenuity of attacks, with the recent theft of 21 million personnel files from the U.S. Office of Personnel Management’s systems as just one example.
Threats are moving beyond ‘simple theft’ to wilful damage, destruction and vandalism of company data assets such as the recent hack and publishing of the Ashley Madison user database, which has resulted in far reaching implications on a very personal level for some.
Pressure is building in the boardroom, highlighted in the recent NYSE Governance Services report Cybersecurity in the Boardroom, where 46% of businesses stated cybersecurity was being discussed at most meetings, and 35% claiming that it came up at every board meeting. In the same report, 66% of board members reported they feel less than confident in their ability to defend against cyber attacks.
All these factors contribute to one key fact: cybersecurity is key for all areas of the business, and only through using tools and services which adapt and evolve as quickly as threats do, can an organisation ensure they remain secure.
Stay tuned for more content as we get closer to VMworld; follow us on Twitter @VMware_UK for all the latest news.