Cybersecurity in 2021 and beyond from a Security Engineering lead's perspective
An interview with Director IT Security Engineering on current cybersecurity landscape, trends, emerging technologies and the near future.
Cybersecurity is constantly evolving due to an increasing number of new threats that are progressing as well, so there is a need to be up-to-date. We’ve decided to catch up with Brent Harrison, the new Director IT Security Engineering at IT HuB at PMI to talk a bit about the current cybersecurity landscape and how it’s going to change in the near future.
How does cybersecurity landscape look like in 2021?
Almost every time you check your news feed these days, it seems like there is a new story about companies falling victim to ransomware attacks. This is a persistent threat that isn’t going away anytime soon, and will also continue to evolve, meaning that we need to keep evolving our capabilities to deal with it as well.
We are also seeing supply chain attacks becoming more prevalent, with examples like SolarWinds and Kaseya VSA making this a worrisome trend. Of course, topics like data privacy and data security continue to be important and are driving a lot of investment. In terms of technology, the cybersecurity space has some similarities to IT in general, with AI/ML increasingly being used in new cybersecurity products and integrated into existing products / services to enhance the offerings.
“Zero trust” has gone from a buzzword to a set of mandatory practices for maintaining a secure environment, and the deployment of technologies in support of “zero trust”, like Software Defined Access, is becoming more common.
You’ve mentioned Software-Defined Access, could you tell us more?
We hear a lot about micro-segmentation, and its importance in zero-trust. Conceptually, micro-segmentation means splitting networks into very small segments and controlling traffic between those segments. Software Defined Access (SDA) allows us to implement micro-segmentation in on-premise networks by dynamically reconfiguring switches to allow or block traffic between different hosts based on the defined rules, as well as controlling access to the network so that only known users / devices can connect.
Whilst micro-segmentation is possible without SDA, it is difficult to implement, maintain and scale due to the level of manual effort. SDA makes micro-segmentation possible at enterprise scale by codifying the rules and using smart automation to do all of the configuration, significantly reducing risks.
What are the new challenges, and which will become - in your opinion - more problematic as the time passes?
If we look at the cybersecurity landscape today, one of the big challenges is that the cost and complexity of launching attacks is decreasing, and at the same time this only increases the complexity for us to defend. We need to get faster and faster to harden, patch, monitor and so on across a broad range of IT technologies supported by a number of different IT teams.
Part of this problem can be solved with new technologies and clever automation, but there is still a piece remaining that is all about people and processes that we have to get right.
Does this influence the role of a security engineering team?
Security Engineering has a critical function to play in responding to these challenges. It becomes the focal point for a lot of activities and is really where “the rubber hits the road” in terms of the technical realisation of protection, detection, analysis and response measures. So when I talk about new technologies and clever automation as part of the solution, this is what Security Engineering needs to deliver.
Our Security Engineering team has only been formed recently, and this was done very much with current and future threats and challenges in mind. This is a team of talented engineers who are tasked with the development of new security capabilities, and the ongoing improvement of existing ones. With the rapid development of threats and technologies to counter those threats, it gives us plenty of exciting things to work on!
I'm sure there are also challenges that come from PMI size and the fact you are a global company. How does it affect your work?
The size and global scope make the job really interesting. We have Security Engineering team members in 4 countries, and we work with colleagues from many more countries around the world, so we get to meet and to know people from many cultures and backgrounds.
Size is also bringing scale and complexity, which results in some interesting engineering challenges that you don’t find in smaller companies, bringing great learning opportunities. It also means that there is always something interesting somewhere in the company, and as part of a central team that means that we always have something interesting to work on.
About our guest
Brent Harrison, Director IT Security Engineering at Philip Morris International. Internationally experienced information technology leader, driving IT and organisational strategies to deliver value through technology. Prior experience includes roles as head of Connectivity and head of Technical Infrastructure.