Author’s call to action: if you think you already know this is a problem, then why do we keep reliving it? We’re doing our part open with Digital Rebar and we need more help to secure infrastructure using foundational automation.
There’s a frustrating cyberattack driven security awareness cycle in IT Operations. Exploits and vulnerabilities are neither new nor unexpected; however, there is a new element taking shape that should raise additional alarm.
Cyberattacks are increasingly profit generating and automated.
The fundamental fact of the latest attacks is that patches were available. The extensive impact we are seeing is caused by IT Operations that relies on end-of-life components and cannot absorb incremental changes. These practices are based on dangerous obsolete assumptions about perimeter defense and long delivery cycles.
It’s not just new products using CI/CD pipelines and dynamic delivery: we must retrofit all IT infrastructure to be constantly refreshed.
We simply cannot wait because the cybersecurity challenges are accelerating. What’s changed in the industry? There is a combination of factors driving these trends:
- Profit motive – attacks are not simply about getting information, they are profit centers made simpler with hard to trace cryptocurrency.
- Shortening windows – we’re doing better at finding, publishing and fixing issues than ever in the open. That cycle assumes that downstream users are also applying the fixes quickly. Without downstream adoption, the process fails to realize key benefit.
- Automation and machine learning – the attackers are using more and more sophisticated automation to find and exploit vulnerabilities. Expect them to use machine learning to make it even more effective.
- No perimeter – our highly interconnected and mobile IT environments eliminate the illusion of a perimeter defense. This not just a networking statement: our code bases and service catalogs are built from many outside sources that often have deep access.
- Expanding surface area – finally, we’re embedding and connected more devices every second into our infrastructure. Costs are decreasing while capability increases. There’s no turning back from that, we we should expect an ongoing list of vulnerabilities.
No company has all the answers for cybersecurity; however, it’s clear that we cannot solve this cybersecurity at the perimeter and allowing the interior to remain static.
The only workable IT posture starts with a continuously deployed and updated foundation.
Companies typically skip this work because it’s very difficult to automate in a cross-infrastructure and reliable way. I’ve been working in this space for nearly two decades and we’re just delivering deep automation that can be applied in generalized ways as part of larger processes. The good news is that means that we can finally start discussing real shared industry best practices.
Thankfully, with shared practices and tooling, we can get ahead of the attackers.
RackN focuses exclusively on addressing infrastructure automation in an open way. We are solving this problem from the data center foundations upward. That allows us to establish security practice that is both completely trusted and constantly refreshed. It’s definitely not the only thing companies need to do, but that foundation and posture helps drive a better defense.
I don’t pretend to have complete answers to the cyberattacks we are seeing, but I hope they inspire us to more security discipline. We are on the cusp of a new wave of automated and fast exploits.
Let us know if you are interested in working with RackN to build a more dynamic infrastructure.
Pingback: May 19 – Weekly Recap of All Things Site Reliability Engineering (SRE) | RackN