Everything you need to know about using a cybersecurity mesh architecture - Gartner - PAGE 2

What is cybersecurity mesh? Definitions and best practices

Build the four foundational layers.

Next, begin building out each of the foundational layers as follows:

  • Dashboards — The ideal dashboard will provide broad insight and real-time alerts, along with clear visualizations of real-time risk scoring. Consider whether you need multiple views for different IT security and stakeholder roles, as well as advanced features like customizable widgets and reports.
  • Policy, posture and playbook management — Look for tools with capabilities that are aligned with established security standards like those from NIST, CIS and ISO.
  • Threat intelligence and analytics — Favor SIEM, UEBA, SOAR, XDR and related tools that provide dynamic, entity-based risk scoring and that integrate well with your core security and identity solutions.
  • Identity layer — Look for solutions that help you centrally administer identities and enforce sophisticated access policies across the entire IT environment.

Look for composable, standards-based tools.

When choosing security tools and services, check for deep integration capabilities that, whenever possible, are based on standards. As noted earlier, standards in the arena of cybersecurity mesh architecture are still evolving, but current examples include as OAuth 2.0, OpenID Connect, SCIM, OPA and CAEP.

Also look for open APIs that enable tools to easily share information, including identity context and risk intelligence. For example, you want your email gateway to be able to communicate with your network firewall, and for both to be able to inform authentication decisions.

Consider the vendor as well as the tool.

The quality of the vendor is as important as the quality of the tool or service. Seek out suppliers that have significant expertise and that have a track record of being responsive to changes in the security landscape and flexible in helping customers secure their environments.

Seek an appropriate level of consolidation.

Organizations are looking to simplify their security stack and licensing overhead through both tool and vendor consolidation. Indeed, a survey by Gartner found that 75% of organizations were pursuing security vendor consolidation in 2022, up from 29% in 2020.

When planning and implementing your cybersecurity mesh architecture, it’s important to strive for an appropriate level of consolidation. For instance, trying to limit your identity fabric to a single identity provider simply may not be realistic to effectively manage all your use cases, such as handling multiple different internal workforce groups as well as external contractors, customers, partners and so on.

The key is to manage your solution roadmap using your CSMA vision. The goal is to work toward an integrated ecosystem as tools and standards continue to evolve, without increasing your technical debt in the long run.

Review and revise!

Creating a cybersecurity mesh architecture is not a one-time project but an ongoing process. After all, your business needs, technologies, standards, available solutions and the threat landscape are all constantly changing. Therefore, it’s essential to regularly evaluate the performance and effectiveness of your cybersecurity ecosystem and make adjustments as needed. Clearly lay out which metrics need to be tracked and reviewed, from technical metrics to measures of how the CSMA strategy is impacting business outcomes.

Keep a particular eye on any areas where you have gaps, such as solutions that lack important functionality, do not integrate well or are not being supported well enough by the vendor. At the same time, keep track of product enhancements, since increasing maturity in one tool can be an opportunity for consolidation to simplify your technology stack.

Conclusion

Adopting a cybersecurity mesh architecture is an involved process, but well worth the investment. Moreover, it is a strategy that begins to yield benefits quickly — each step you take in the journey will help improve cyber security, simplify operations and position your organization for a bright future.

  • cybersecurity mesh architecture
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

What is CPU/Memory/MySQL abuse?

What is CPU/Memory/MySQL abuse?   First, it must be made clear that CPU/Memory usage is...

Does DDoshostingprotection.com allow adult sites on their network?

Does DDoshostingprotection.com allow adult sites on their network? DDoshostingprotection.com...

Everything you need to know about using a cybersecurity mesh architecture - Gartner - PAGE 1

Gartner named cybersecurity mesh architecture (CSMA) one of its top cybersecurity trends in...