惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

N
News and Events Feed by Topic
V
V2EX
博客园 - 【当耐特】
Vercel News
Vercel News
雷峰网
雷峰网
爱范儿
爱范儿
WordPress大学
WordPress大学
云风的 BLOG
云风的 BLOG
S
Securelist
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Microsoft Azure Blog
Microsoft Azure Blog
F
Full Disclosure
有赞技术团队
有赞技术团队
Hugging Face - Blog
Hugging Face - Blog
NISL@THU
NISL@THU
www.infosecurity-magazine.com
www.infosecurity-magazine.com
Attack and Defense Labs
Attack and Defense Labs
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Hacker News - Newest:
Hacker News - Newest: "LLM"
Microsoft Security Blog
Microsoft Security Blog
腾讯CDC
P
Proofpoint News Feed
B
Blog
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
K
Kaspersky official blog
I
InfoQ
Google Online Security Blog
Google Online Security Blog
L
LINUX DO - 最新话题
Project Zero
Project Zero
Engineering at Meta
Engineering at Meta
V
Visual Studio Blog
AI
AI
Schneier on Security
Schneier on Security
B
Blog RSS Feed
T
Tor Project blog
H
Help Net Security
H
Hackread – Cybersecurity News, Data Breaches, AI and More
L
LINUX DO - 热门话题
阮一峰的网络日志
阮一峰的网络日志
S
Security @ Cisco Blogs
T
Threat Research - Cisco Blogs
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
C
Cyber Attacks, Cyber Crime and Cyber Security
G
Google Developers Blog
Google DeepMind News
Google DeepMind News
V2EX - 技术
V2EX - 技术
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
A
Arctic Wolf
Webroot Blog
Webroot Blog
Recent Commits to openclaw:main
Recent Commits to openclaw:main

Network and Security Virtualization

Lateral Security for the Private Cloud – Leveraging the Power of Seamless Integration Tackling the 5Cs of Enterprise Security with the Advent of AI – Spotlight on Cloud and Automation Efficiency Next-Level Lateral Security for Your Private Cloud Optimizing NSX Performance Based on Workload and ROI Generative AI Meets Cybersecurity: Use Cases for Lateral Security and the SOC Migration Coordinator – Selecting the migration mode VPC: The Secure Bridge Between Application and Infrastructure Teams NSX V2T Layer 2 Bridging with NSX-T Projects VMware NSX Bare Metal Edge Performance
Cybersecurity, Cloud and AI: Top-of-mind themes heading into 2024
Shashi Kiran · 2023-12-18 · via Network and Security Virtualization

Recently I had the opportunity to host a group of forward-thinking CISOs, CIOs and other executive decision makers drawn from several enterprise organizations in the United States. The goal was to frame perspectives on trends and priorities emerging within their respective organizations while co-relating to broader industry trends.  Specifically, the intent here was not to x-ray the requirements of any single organization, but rather to identify, detect and understand patterns that could, in turn guide priorities over the next few years, benefiting the broader community. The discussions unearthed a lot of commonality in terms of shared pain points and higher order goals, and I thank the leaders that participated in the exercise, as well as the talented members of my team that came together to create a successful forum for discussion.

This multi-part blog series will summarize prominent patterns and insights that emerged from these sessions, that would hopefully serve as guideposts for the next 12-24 months, mostly in the areas of security, cloud infrastructure and deployment models.

Over a few sessions, broadly we had the cohort dive engage along three axis –

  1. The first was to really examine their top pain points. Issues, that if solved, would help move the needle for their organization.
  2. The second was to look at their investment priorities and where they were likely to place strategic bets.
  3. The third area was more forward looking, evaluating emerging trends and the vision they were likely to subscribe to.

Broadly the discussion centered around a few major themes. A bird’s eye view of these themes is distilled and highlighted below:

#1. Gen-AI: Not surprisingly, Generative-AI was a hot topic of interest. Everyone recognized that this was a once-in-a-generation inflection point. Not only were the executives keen to explore credible use-cases and points of intersection with their organization’s mandate, but they were also personally keen to learn about the topic as well. There was also widespread acknowledgement that Gen-AI could be double edged especially in the context of security. Later I’ll touch upon how Gen-AI performed along the three-axes I’d mentioned earlier as it was an interesting output.

#2. Lateral Security: While seemingly a mature topic, it was also deemed the most practical and where the investment was likely the highest. There was widespread acknowledgement that the attack surface had increased driven by the distributed nature of applications. The complexity in the data center resulting from a combination of the legacy and the modern was also discussed.

#3. Virtual Private Clouds (VPCs): This was a novelty in the case of the private cloud. The leaders were unified in looking at ways to deliver agility to their developers, without compromising on enterprise infrastructure and security guardrails. In this context, VPCs were a topic of interest and something they definitely wanted to dig deeper into.

#4. Cloud Operating Model: Perhaps overly simplified or cliched, the terminology represents the coming together of a simplified, consumption-based (as-a-service) approach to infrastructure and security powered by automation. In this context, the value of an integrated stack and the nature of the experience that could deliver was of considerable interest.

What is interesting is that all these areas transcended verticals reinforcing how security is such a big ticket item in organizations, regardless of the industry they belong to.  Large enterprises accumulate complexity due to the size of their organizations, their distributed nature (many of them are global), leadership changes, quest for organic growth as well as their pursuit of inorganic growth through mergers and acquisitions (M&A). The security stack becomes quite complicated and the desired effect sometimes is the opposite of the best intentions. Integration of the security stack itself is nirvana to many organizations. A thoughtful and proactive approach is required in such cases.

I’ll expand on the four themes in a subsequent blog, perhaps digging a bit deeper into #1 and #2 above as they appear to have the highest resonance for now. Needless to say, the topics all have multi-year relevance.

Finally, as organizations head into 2024 and indulge in planning cycles for the next year (and beyond), I hope some of these insights will prove to be of value.