Years ago, cybersecurity focused on building a perimeter wall around the physical organization and network with traditional firewalls and anti-virus software. When people started taking laptops and mobile devices on the road, policy-based security was extended to assets outside the organization. Today a change occurred when the cybersecurity mesh trend was introduced.
So, what exactly is a Cybersecurity Mesh?
Cybersecurity mesh is a distributed architectural approach to scalable, flexible and reliable cybersecurity control. Many assets now exist outside of the traditional security perimeter, let think about cloud asset, container, mobile application and mobile device, tablet, Internet of Things (IoT)/Internet of Behaviros (IoB), ICS/SCADA, Bring your own device (BYOD). Cybersecurity mesh essentially allows for the security perimeter to be defined around the identity of a person or thing. It enables a more modular, responsive security approach by centralizing policy orchestration and distributing policy enforcement. As perimeter protection becomes less meaningful, the security approach of a “walled city” must evolve to current needs.
The concept of cybersecurity mesh recognizes that networks have no physical boundaries. Organizations need to build a security perimeter around each individual user, allowing them to securely access assets from any location and device. In this model, policy enforcement would be performed through a cloud service at the asset itself rather than a device.
More specifically, a Cybersecurity Mesh involves designing and implementing an IT security infrastructure that does not focus on building a single ‘perimeter’ around all devices or nodes of an IT network, but instead establishes smaller, individual perimeters around each access point.
Ideally, a Cybersecurity Mesh can establish a more robust, flexible and modular approach to network security. By ensuring that each node has its own perimeter, this allows IT network managers to better maintain and keep track of differentiated levels of access to different parts of a given network, and to prevent hackers from exploiting a given node’s weakness in order to access the broader network.
E-SPIN in the business of consulting, supply, project management, training and maintenance support enterprise ICT solutions for corporation and government customers across the region E-SPIN Group do business, since 2005. Feel free to contact E-SPIN Group for the project initiative and requirements.