Josh Bosquez CTO of Armor Cloud Security got to talk about the state of data center cybersecurity in our recent HawkTalk.

Data Center Security in the Distant and Recent Past

Josh is in a unique position to talk about cybersecurity for data centers. He cut his teeth in the Dallas telco industry in the late 1990s. Back then, the scene was all about the monitoring and empowering of data centers and creating new kinds of infrastructure automation. Later Josh and his team moved into the realm of compliance testing and automation. When the Cloud started to flourish, the focus became providing cybersecurity that could scale on demand. This is how he came to work with so many security oriented managed service providers (MSPs) in recent years.

Josh noted that back in the old days, security planning and the protection of physical space like a data center was relatively easy. You could see the cables and the hardware, and you knew how everything stacked. But in the Cloud, things are abstracted. Everything is hands off. New techniques needed to be learned in this virtual terrain. As more and more companies moved to full or hybrid Cloud, the security strategy became far more complicated. Technician training and certification needed to be ramped up, and some companies needed to entirely rewrite their cybersecurity playbook.

Data Center Security in 2021

Josh noted that as far as the most common things companies can do to protect themselves in 2021, there's no one silver bullet. But the most important thing is user education. If they don't know about ransomware, and phishing attempts, and what links are unsafe or unwise to click, about how IT support will actually contact them, and what questions they're allowed to ask... the user is a security liability. After education, the priorities are anti-virus, anti-spyware, and the like. But user education is number one in any case.

With remote work becoming a top priority, trying to protect users at home is a big challenge in some companies. They had set up a safe environment in the office, and then suddenly everyone was a telecommuter. The protection they set up in the past has to rapidly shift in order to cover this new paradigm.

He was asked to address what strategies companies providing data center services are using to protect themselves and their current customers. He said that these days, Armor standardizes around ways to gain full visibility into an environment. Every layer of the OSI model needs to be accounted for in some way, from physical data center access to network security, to access control, to hosts, and everything in between. To do this, a cybersecurity team needs to be able to see every asset out there, whether it's real or virtual. And the monitoring tools and reporting methods need to be understandable by experienced CISMs and relative laymen alike since you never know who you’re going to need to explain a security situation to get buy-in for critical systems.

A lot of organizations are leaning on security MSPs, simply because the budget for internal security has not changed over the years, while the complexity of the cybersecurity landscape has ramped up tremendously. So, they leverage the expertise of MSPs in the security compliance space even as they continue to build their own internal capabilities. Then they can use the monitoring, reporting, and automation tools that are provided by firms like Armor.

Unified Data Center Security and the Scope of the Problem

We asked Josh why many companies are embracing unified security models. He said that it's like Nirvana for most CISOs or CIOs trying to run an organization. They want one point of contact, one overarching visibility point. Making the cybersecurity landscape more simple allows them to make better choices as far as their spending, their user education, their cybersecurity team's education, and the like.

Unification must be at the top of their list to reduce complexity and get everyone on the same page. The understanding of the security landscape is different across groups within any given company, because some folks will be more or less technical, and others will be more or less interested. The best way to get consensus across a corporate culture is to simplify the way a security overview can be presented as much as possible.

David noted: In the first three quarters of 2020, there were 36 billion record breaches in the wild. Worldwide, the cost of cybercrime is $2.9 million every minute. There will be 55.7 billion connected devices by 2025. How can companies prepare for this massive cybersecurity scope?

Josh said that it's getting to a point where you connect a new device to the network and it's getting attacked in seconds. Some of these attacks are already brewed up, and they're just waiting for new internet connected devices that fit the profile of their target. Therefore some of the biggest companies in the world, with the largest security budgets in the world, get breached.

It revolves around expertise. Preparation is everything. Throwing money at a problem isn't going to help if you're throwing it in the wrong direction. Therefore managed service providers in the security field are so helpful. A company can pick one with specific knowledge about their preferred hardware, their preferred software, their particular scenarios. Getting expert help from the people who have the time to keep up with the latest developments in cybersecurity just makes sense. Partner up, leverage external resources to shore up any knowledge gaps.

Cybersecurity in Smaller Companies and Compliance Concerns

When asked about smaller companies, Josh said that everyone is equal in the world of cybersecurity, as far as being targeted. There are attacks running 24/7 on full automation, just seeking devices with the right profile, and they don't care who they hit. The hackers won't know exactly how to leverage their attack until they're inside, or what the full benefit of the attack might be in the long run. It could be adding resources to a botnet. It could be a potential ransom. It could be a platform for further surveillance. Then they look for lateral ways to deepen their grasp.

From a defense perspective, small businesses are the underdogs. Every company is a technology company these days, whether they know it or not. The risk is still there if the company has any exposure to the Internet. But they don't have the same budget as the biggest tech companies, even if they're being exposed to the exact same attacks. They will almost certainly need to lean on a cost-effective security MSP, as most of their money is being spent on core business competencies. User education on phishing and ransomware helps as well, of course.

Companies providing data center services used to focus on compliance for HIPAA, PCI, OSHA, and the like. Moving into the Cloud, other controls are being added as compliance regulators start to shift standards with the times. Some of the older regulatory bodies have additive measures they've put into place, and it can be quite complex to get into full compliance. These additional steps will ultimately help keep a company secure, but it changes the skillsets of internal cybersecurity teams. Folks who are stronger on the regulation, testing, and controls side of the equation are necessary, and they need to keep up to date as the complexity keeps growing.

Armor Cloud Security’s Role

We asked how most customers come to a company like Armor. Do they arrive in the middle of emergency situations, or are they taking a proactive approach?

Josh said that Armor is channel focused, so they're mostly supporting security MSPs. But often the clients of those MSPs have just had a breach, or they just realized that they need to be compliant after adding a new aspect to their online business. The MSPs need a quick, easy, one stop shop where they can pick up a package solution and implement it by a certain deadline. There's no time for a long requisition and procurement process, as was the case in the data centers of old. Armor's tools, platforms, and services are geared to help those emergency situations get resolved as soon as possible.

The final question was what will have the greatest impact on the future of cybersecurity over the next five years?

Josh replied: It's the volume. The millions of devices coming online, the Internet of things, smart devices and automation, increased use of LTE... the potential threats are outpacing the number of security experts out in the world today. So, expect rapid growth in the industry over the next few years.

And of course, check out armor.com for more details about what Josh’s company can do for data center clients and MSPs alike.