Blog
The Security Flywheel: A Simpler, More Effective Approach
August 26, 2020
The flywheel, described by Good to Great author Jim Collins, is the encapsulation of all the steps, the pattern of process a company establishes which causes their economic engine to spin.
In our last blog, The Security Doom Loop, we discussed the downward spiral many enterprise security practices face. Today, I wanted to focus on the great opportunities that can be gained by adopting a simpler, more effective approach to protecting the business. That is the promise of NDR (network detection and response).
The economic engine of a business is its value chain: all the people, processes, systems, and activities which enable it to deliver goods and services. Ultimately, this is what the company cares about, and why security exists—to avoid or mitigate the impact of a breach on the business.
For CISOs and CIOs reading this blog, I propose a new way to think about your security practice, a raison d'être. The secure performance of the business flywheel and its value chain. We see this concept so vividly with cloud-native businesses, as well as with organizations that have digital applications driving their flywheel.
From Amazon, to online banking, to app-driven food delivery services, security is not a separate discipline but integrated with IT and development. It's an integral part of the business equation.
Threat detection is interwoven in the fabric of applications, changing network traffic patterns and systems for devops, engineering, database, and admin teams. There shouldn't be agents or intrusive actions, but rather a system that can span WAN connections, branch offices, data centers, and cloud hosts.
In NDR, security and performance are achieved through a singular, integrated system. User experience and availability are contingent on having a secure application. Similarly, threat mitigation is dependent on remediating the configurations that expose the application to exploits and disrupt business flow and performance. With NDR you can have both visibility and intelligent response capabilities to optimize both threat detection and application performance—without any additional overhead or cost.
So when we look at the business case for NDR solutions, keep in mind the cost to the business if the flywheel is disrupted. Having complete visibility with a single data analytics platform based on wire data, for all your IT, security, network and devops teams, is worthy of consideration.
Discover more