I have managed my firewall for 20 years, so why change it now?
This is a question we hear many people ask themselves. Firstly, the relentless move to the cloud means that more and more, sometimes 100% of all your applications are online. This means that your office/factory is now dependent on access to the internet 24*7. Before the cloud, if the internet access went down, people could not email externally, but the day continued. Now, everyone has to go home to work if the internet is down. But in a hospital or a factory, this is not an option. Rising energy costs, for example, make minute-by-minute automated decision-making more critical, making us less tolerant of downtime. The rise of AI in industrial applications connecting to many more external data sources means firewall downtime is becoming exponentially more costly to your business.
What is a firewall, and how has it changed?
Twenty years ago, it was a “special appliance” that only allowed certain types of traffic in and out. Logging and 24*7 monitoring were rare things; it was pretty much something you could configure and forget. Today, internet crime exceeds $8tn per annum; the firewall has to defend against 10’s millions of criminal domains and phishing attacks, changing at millions per day. The firewall is no longer an on-premise device; it can be on-prem but also cloud-based. WAF (Web Application Firewalls) operate at the application level, while DDoS (Distributed Denial-of-Service) protection is only effective in the cloud. Protective DNS (PDNS) is a highly efficient way of deploying actionable threat intelligence to protect people and OT devices. It is recommended by the UK Government for all UK Government and CNI uses. These facets and features are part of a modern firewall portfolio, far from being a hardened IT appliance in the server rack in the office.
The second thing we should look at is a biological issue, not a technical one. Experienced people are becoming hard to find and must be deployed on the most critical issues. Recent matters that brought down a significant % of the world’s IT demonstrate that checking updates before deployment or phasing in changes is essential to business continuity. In the firewall world, maintaining the latest stable code version is necessary for your defences and staying in compliance with Cyber Essentials, ISO27001 and other standards. We know that most ransomware happens when staff are at home or going home; 24*7 support is, in our view, mandatory at that critical moment when ransomware happens, and the SOC/mXDR team shout “disconnect from the internet”, waiting until 9 am or when on-call staff can be located is way too late.
Takeaways
If you are a busy CIO, you must be in the best position for ransomware while many of your services will move to the cloud. Managed Firewall (FWAAS) allows us to complete this picture as you pivot you and your team to the strategic challenges of AI while managing the deployment of trusted third parties to ensure that you are genuinely running 24*7*365.
If you would like to learn more about how Sapphire can support your organisation’s cyber resilience, get in touch with us.