To say information technology has changed considerably over the last few years is an understatement. As new technologies emerged and connected endpoints multiplied, the attack surface scaled up, fast. In the not-so-distant past, our network perimeter was a meaningful security barrier. Security teams could easily discriminate between assets from within their organization and those which lie outside it. Today, society demands greater flexibility and with this, a transition toward mobile endpoints. Stationary workstations are obsolete—with COVID-19 putting the final nail in the coffin—and replaced with laptops, smartphones, and tablets. More importantly, data no longer resides on such devices, nor is it safeguarded in organizations’ datacenters. Rather, data now sits in the cloud where security is managed by a third party.
Nearly every company has moved core IT functions off premise—be that through Infrastructure-as-a-Service (IaaS), Software-as-a-Service (SaaS), or Platform-as-a-Service (PaaS) tools. To accommodate the intangible nature of today’s cloud-based IT environment, security teams are having to re-examine their strategies. Further, security teams are pressed to do so quickly, as the pace of cybercriminal activity continues to accelerate. Given the conditions and realities of the day, it’s unfair to expect internal security teams to do everything alone.