Home / Cybersecurity / Palo Alto Networks’ Rick Howard: Agencies Should Include Legacy System Security in Cyber Strategy

Palo Alto Networks’ Rick Howard: Agencies Should Include Legacy System Security in Cyber Strategy

Rick Howard

Rick Howard, chief security officer at Palo Alto Networks (NYSE: PANW), said agencies can avoid complexity by leveraging the same security platform that they already have deployed to protect their perimeter, their mobile devices, and their data centers in the cloud-based services they are moving to. He refers to these environments as data islands and to reduce complexity, network defenders should use the same security platform in each as opposed to using different security tools for each island.

He said that adopting a DevOps and DevSecOps mentality will help agencies move away from their tired legacy systems that have been on life support for years and refresh them in these new cloud environments. But don’t try to boil the ocean all at once. Pick small projects to automate in the cloud first. Learn as you go and slowly move your entire infrastructure to the cloud.

Howard called on agencies to reduce the attack surface by implementing a zero-trust approach that limits exposure. Your system should easily implement rules (like the marketing department can go to Facebook but nobody else can). If it can’t, you need a different system.

From a network defender’s point of view, the whole point to moving to the cloud is to reduce the probability of material compromise for your organization. Using the DevOps and DevSecOps philosophy and adopting a single security platform for all of your data islands will greatly reduce the complexity of your environment and consequently will reduce the cyber risk to your organization.

Check Also

Honeywell Awarded $111M to Provide Hardware for Army Tank Engine Overhaul

Honeywell (NYSE: HON) has received a potential $110.9M contract modification to provide hardware required to overhaul engines that power the U.S. Army's Abrams tanks. Services under the contract are intended to address Advanced Gas Turbine 1500 production requirements at Anniston Army Depot and support field repair efforts under the Total Integrated Engine Revitalization program, the Department of Defense said Thursday.

Amyx Secures $105M in DHA Program, Acquisition Support Contracts

Amyx has won a pair of fixed-price contracts worth $104.7M combined to support procurement and program management functions at the Defense Health Agency.