As organizations have accelerated their plans to better enable dispersed workforces in a post-pandemic reality, many technology decision-makers are broadly rethinking their network architectures. Inevitably their discussions lead to comparisons and debates over both software-defined wide area network (SD-WAN) and secure access service edge (SASE) technologies.
The migration to cloud provides faster time to deployment and elasticity, but often at some cost and complexity to infrastructure control and visibility. A concrete example we can use is a deployment of web servers with rational security group configuration, in light of the recent Log4Shell vulnerability. While limitations are similar in all IaaS environments, consider the following AWS architecture with focus on the web servers running on EC2 instances.
Discovered on December 9, 2021, the log4Shell vulnerability is one of the most talked-about vulnerabilities in computing. Because simple text can be used to take control of a device and download anything that is Internet-accessible, companies are taking it seriously. As they should – log4Shell has the maximum CVSS score of 10 (CVSS, Common Vulnerability Scoring System, is an industry-standard for ranking vulnerabilities).
On Jan. 26, the Office of Management and Budget (OMB) published its widely anticipated final version of its zero trust architecture strategy, identifying top cybersecurity priorities for the federal government. This achievement raises the country’s cyber defense strategy to a level commensurate with the “increasingly sophisticated and persistent threat campaigns” it faces.
While we optimistically hoped for normality in 2021, organizations continue to deal with the repercussions of the pandemic nearly two years on. Once considered temporary measures to ride out the lockdown restrictions, they have become permanent fixtures now, creating a dynamic shift in cybersecurity and networking. At the same time, cybercriminals have taken advantage of the distraction by launching ambitious attacks against critical infrastructure.
We can’t always stop the bad guys from getting in, but we can stop them from wreaking havoc. Professor Avishai Wool, AlgoSec CTO, summarizes notable breaches from 2021 and explains the role of micro-segmentation.
