Light Dark
January 11, 2022 By David Bisson 2 min read
Cloud Security
Risk Management
Security Services

Have you heard of cybersecurity mesh? Some are calling it one of the more notable trends for cloud security and today’s other cyber concerns. So, what is it, and how does it work?

The technology stack is breaking down as more people use architectures based on microservices. They’re also using blockchain and other trust models to embrace an information-centric security model that works with distributed services (key to cloud security).

These changes, among others, mean more groups will consider adopting a new overall approach to security. Niel Harper, a chief information security officer and ISACA board director, is well aware.

“The increase in remote access to on-premises data centers and cloud resources is driving the need for a flexible, composable architecture that integrates widely distributed and disparate security services,” he explained. “The goal would be to move perimeters encapsulating data centers to also creating perimeters around identities and objects that are not on-premises or on the same network — specifically, users accessing objects from anywhere, anytime and with a variety of device form factors. It also enables organizations to bring cloud services into their zero trust architecture and employ adaptive access control with more granular analyses of both subjects and objects.”

So, what does that mean in simpler terms? It comes down to the ‘mesh’ approach to cloud security.

What Does Cybersecurity Mesh Mean for Cloud Security?

According to Gartner, cybersecurity mesh is “a flexible, composable architecture that integrates widely distributed and disparate security services”. The tech research and consulting company named this as the second-highest strategic trend for 2022, coming behind data fabric. It’s about strengthening digital security while bringing tools closer to the assets they’re designed to defend.

To be honest, there’s a lot in Gartner’s definition to analyze. Some of it isn’t conclusive.

“My understanding is that ‘security mesh’ is still very much a conceptual strategy rather than a defined architecture or standardized technical approach,” Harper clarified. “It suggests that organizations need to adopt a cybersecurity architecture to integrate security tools into a cooperative ecosystem to reduce the risk impact of individual security incidents. A mesh will use analytics and intelligence coupled with ‘meshed’ controls around identity, policy, posture and information/event visibility.”

That means more chances to drive cloud security and general cyber defense programs forward using mesh. This is even more pertinent for zero trust. Businesses can use cybersecurity mesh to ensure that all their data, systems and equipment receive equal treatment and attention regardless of where they are located. It can therefore help teams to protect against emerging threats and navigate evolving tech needs in real-time. That extends to microservices, too.

How to Implement Cybersecurity Mesh

The future of cybersecurity mesh looks bright. In October 2021, for instance, Gartner predicted that this architecture will help to reduce the financial impact of security incidents by 90% on average within the next few years. Gartner also predicted it will support more than half of all identity and access requests by 2025.

So, mesh can make a difference. How can you take advantage of it? One way is to create a roadmap to bring cloud security and other solutions together. This unified, integrated system can uphold zero trust and other key defensive measures. Doing so will make the task of creating and enforcing policies easier. That will make it easier for security teams to monitor their assets, too.

Teams can then further augment this work by ensuring that basic protections are in place. Harper recommended multi-factor authentication, data loss prevention, identity governance and administration, SIEM and more.

 |  |  |  | 
David Bisson
Contributing Editor

More from Cloud Security
November 1, 2023

What is data security posture management?

3 min read - Do you know where all your organization’s data resides across your hybrid cloud environment? Is it appropriately protected? How sure are you? 30%? 50%? It may not be enough. The Cost of a Data Breach Report 2023 revealed that 82% of breaches involved data in the cloud, and 39% of breached data was stored across multiple types of environments. If you have any doubt, your enterprise should consider acquiring a data security posture management (DSPM) solution. With the global average…

October 19, 2023

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

October 3, 2023

The importance of Infrastructure as Code (IaC) when Securing cloud environments

4 min read - According to the 2023 Thales Data Threat Report, 55% of organizations experiencing a data breach have reported “human error” as the primary cause. This is further compounded by organizations now facing attacks from increasingly sophisticated cyber criminals with a wide range of automated tools. As organizations move more of their operations to the cloud, they must also become increasingly aware of the security risks and threats that come with it. It’s not enough anymore to simply have a set of…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature