How to Close the Gap Between a CASB and Your Budget
Earlier this summer, Dark Reading ran an article on the biggest security breaches during the first half of 2016, which covered everything from the attack on the Ukraine power grid, to hospital ransomware, to IRS tax fraud. No one is immune to security threats – and that is particularly true if you are leveraging the cloud. But how do you secure your enterprise when new security tools appear on the market every day? Keeping up with security technology is a huge challenge, because as the underlying compute infrastructure evolves, new security vulnerabilities emerge – and the old ones don’t necessarily go away.
Manage the Bills as the Tools Proliferate
Think about it. There was a time when endpoint security was the most important armor an IT team had at its disposal because everyone used desktop computers. When that was the case, antivirus software was the answer. As LANs and WANs entered the scene, a whole new type of security emerged to protect the network, and next-generation firewalls became a requirement. Then, as web storefronts became an everyday thing, they too became an attack vector, and web application firewalls (WAFs) became a necessity. Could you do away with antivirus when you bought next- gen firewalls? Or could you replace either with WAFs? The answer is no. The enterprise security toolset just continues to get larger, and somehow, you have to figure out not only how to manage it, but also manage to afford it.
Enter Cloud Access Security Brokers (CASBs)
Cloud and mobile computing represent the advent of yet another change in the underlying compute infrastructure. And, no surprise, a new type of security has emerged – Cloud Access Security Brokers (CASBs) – to combat these new vulnerabilities. Once again you have to stretch your budget and your cybersecurity team to support it. But don’t despair, life will get better.
Address the Budget Gap for CASB Today, Not Tomorrow
When I was at the Gartner Security and Risk Management Summit in June, it was widely acknowledged that CASBs have become a mandatory requirement if you are leveraging the cloud. In fact, on June 15, 2016, Gartner issued this press release: “Gartner Identifies the Top 10 Technologies for Information Security in 2016,” and included Cloud Access Security Brokers (CASBs) at the top of that list. Not protecting your data and IP in the cloud is not an option. However, while attendees at the Gartner Summit acknowledged the need, many expressed that they won’t have the budget to support a CASB until 2018. How do you manage the security gap for up to two years without the right technology? The answer to that question: you don’t.
Automate for Cost-Efficiency and Effective Security
If you are leveraging cloud technology today, you are likely doing it because it enables your enterprise to be more agile and competitive while saving significant costs. However, getting new capabilities quickly is worth far less if it means cracking a hole in your security armor that results in industry compliance violations and fees, loss of intellectual property, loss of customer data, and damage to your reputation, brand, and future business. With a cybersecurity skills gap of over 1M people globally, you can’t hire your way out of this problem. Automation is your secret weapon.
Your Case for CASB
In recognition of the gap between the need for a CASB versus flexing your budget, we put together a white paper and worksheet to help IT professionals create a business case for CASBs. When you calculate the financial exposure of not having a CASB, align cloud security spending with your overall business objectives, and calculate the cost savings for cybersecurity expertise through automation, your case is made.