A Complete Cybersecurity Mesh Architecture Checklist for CISOs
Feb 20, 2023
Feb 20, 2023
4 min
The cybersecurity mesh architecture (CSMA) proposed by Gartner attempts to define a framework that achieves the objective of an integrated approach that is flexible, scalable, and risk based.
Young-Sae Song
CMO
This webinar will cover:
Every year security leaders purchase new products to help protect against the latest attacks. An increasingly popular, emerging viewpoint is that one of the best ways to improve a company’s security posture is not keep adding specialized, new products but to have them work better together as part of an ecosystem of solutions. Many security products were purchased for a specific purpose or threat, and this has created an architecture that is a collection of siloed solutions. Adding additional products may take care of a specific threat, but it adds complexity operationally.
The cybersecurity mesh architecture (CSMA) proposed by Gartner attempts to define a framework that achieves the objective of an integrated approach that is flexible, scalable, and risk based. Actionability is prioritized by risk using contextual data that is pulled from multiple systems constantly rather than only at decision gates. To achieve this, CSMA takes an identity first security approach and makes identity controls the foundational element rather than the legacy perimeter controls such as endpoints, networks, and application infrastructure.
The following checklist has been developed for security leaders considering a CSMA framework based on Grip Security’s work with hundreds of CISOs and incorporated into the industry’s first SaaS security control plane solution (SSCP). The SSCP helps companies create a composable identity fabric that unifies a company’s identity and access management infrastructure and presents a consolidated dashboard.
Implement Identity-Based Discovery
As companies become more decentralized, data is everywhere and accessed from anywhere. The traditional, physical control points, i.e., endpoints, networks, and privately hosted applications, have become obsolete as the world moves to SaaS. As a result, identities have emerged as the ultimate control point and now defines the enterprise perimeter. Identity-based discovery enables an identity fabric and is foundational to a cybersecurity mesh architecture framework.
Understand How Identities are Being Governed
Companies have multiple identity security products, and it is not always clear which ones are being used. For example, applications governed by single sign on are sometimes accessed with a username and password. Similarly, password managers are known to have low adoption among users, rendering them essentially useless. Mapping out the role and purpose of each identity security product helps companies understand where and how identities should be governed. This is also important as an input for the identity fabric in the cybersecurity mesh architecture framework.
Identify data used in SaaS applications
The growth of SaaS has exploded, and most companies do not have a complete inventory of all applications being used in the company. Identifying the data used in SaaS is important because it helps organizations understand the security risks and implement the appropriate security controls to protect it or to maintain compliance in certain industries. Monitoring the data risk should be done on a consolidated dashboard consistent with the cybersecurity mesh architecture approach.
Monitor the growth of identity sprawl
Identity sprawl refers to the phenomenon where the number of digital identities in an organization grows rapidly, creating challenges for security teams in managing and securing them. The primary driver for identity sprawl is ungoverned SaaS, which is growing rampantly in all companies. Controlling and securing identity sprawl requires the coordination of multiple identity security products, and creating an identity fabric, as defined by the cybersecurity mesh architecture, can help security teams do this efficiently.
Track change in SaaS risk over time
SaaS use changes over time, with new applications being added daily while some applications are used less or not at all. The result is a changing SaaS risk landscape that is constantly evolving, with risks emerging or evolving rapidly. The cybersecurity mesh architecture does not explicitly define SaaS risk monitoring as a requirement, but it can be done through a consolidated security analytics and intelligence layer that combines data and insights from various security tools, provides analysis, and triggers appropriate responses.
Prioritize identity-based risk
Prioritizing cybersecurity based on identity risk is important because it focuses on protecting the most valuable and vulnerable information in your organization - users' identities. Cyber criminals are increasingly targeting user identities because they can use stolen identities to gain access to sensitive data, networks, and systems. The cybersecurity mesh architecture advocates prioritizing mitigation and remediation based on identity risk. This helps to identify and prioritize the protection of the most critical assets and ensure that the company is investing resources in the areas that need it most. The result is a more efficient and effective allocation of resources.
Grip SaaS Security Control Plane
The Grip SaaS Security Control Plane (SSCP) unifies identity security and helps all the various systems work together in a cohesive strategy for all types of SaaS or web apps, whether they are being accessed from managed or unmanaged devices. Identified risks are prioritized with clear, actionable remediation steps that are automated and deliver definitive security outcomes. The product gathers the critical identity risk factors into a consolidated dashboard to provide a complete, holistic view of a company’s identity risk.
Grip Security's SaaS Security Control Plane (SSCP) helps companies move towards a cybersecurity mesh architecture by providing a solution to this problem by unifying identity and access management silos into an identity security fabric. The SSCP centralizes the administration of identity controls, analytics, and operations with decentralized policy enforcement. This results in a prioritized, automated, and definitive view of identity risk, which is customized to each company's specific needs. The SSCP is also designed to integrate with other systems, such as security, IT, and network control points. The product is easy to install and can provide an immediate return on investment.
Gain a complete view of your SaaS usage—including shadow SaaS and rogue cloud accounts—from an identity-centric viewpoint. See how Grip can improve the security of your enterprise.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Text for webinars more technical details on how you can get a Grip on your SaaS Security.