DevSecOps, Machine Learning and Beyond: How IT Security is Changing

Cybersecurity threats are changing, and so are the tools and strategies available for combating them.

If you want to keep infrastructure and software secure, you need to familiarize yourself with concepts like machine learning and their role in IT security.

Today's security threats are wildly different from those of the past.

If you pay any attention to the news, you already know that.

In the past, computer viruses amounted to a nuisance, more than a grave threat.

They disrupted local systems rather than entire networks.

They were generally not hard to spot.

Today, however, it's common for attackers to target mission-critical systems with malware that shuts them down entirely, or, as was the case in this month's ransomware attack, charges large amounts of money in order to restore access to critical data.

New Security Paradigms

Fortunately, along with the new generation of IT security threats comes a new set of paradigms for preventing and responding to attacks.

Today's security landscape is defined by trends like the following:

• Immutable infrastructure. Technologies like Docker containers enable immutable infrastructure. By design, immutable infrastructure cannot be modified once it is running unless you wipe it out and create an entirely new version. From a security perspective, immutable infrastructure is an advantage because it makes it easier to detect anomalies that could signal a threat. When there is no legitimate reason for a running application to be patched or modified, changes stand out more clearly.
• The DevSecOps (or Rugged Ops) concept. This is an extension of the DevOps philosophy. DevSecOps emphasizes the importance of integrating the security team into all parts of software development and deployment, rather than leaving them disconnected. When security experts are involved in designing, testing and managing code, they stand a better chance of helping an organization to discover and fix vulnerabilities before software goes into production.
• Machine learning. Relying on humans to detect and interpret security problems is error-prone and doesn't scale. For that reason, today's generation of security tools leverage machine learning to detect and respond to anomalies automatically.
• Automated security policy configuration. If you want to create large software environments, you can't configure security policies for them manually. You need to rely on automated tools that use machine learning to generate and update security policies automatically, in real time.

Embracing these concepts is key if you want to thrive in the face of today's security threats.

The recent spate of breaches shows that old-generation security practices are not working.

While perfect security is not possible, strategies like those outlined above bring it closer.