Across the IT industry, there is a realization that applications are becoming increasingly vulnerable to reputation- and revenue-impacting security breaches. The shift to modern, distributed applications has left IT teams managing significantly expanded attack surfaces but without the right tools, insights and processes to do so effectively.
“In order to securely develop and deploy modern applications, organizations need expanded visibility into cloud native environments.”
Gregg Ostrowski, CTO Advisor, Cisco AppDynamics
Organizations are reporting a massive uplift in security threats within their Kubernetes environments, with bad actors identifying vulnerabilities and targeting them with increasingly sophisticated attacks. A study by Red Hat found that 93% of businesses have experienced at least one security incident in their Kubernetes environments in the last 12 months — and 31% have experienced financial or customer loss as a result. And Aqua Security recently reported that Kubernetes clusters associated with more than 350 organizations, open-source projects and individuals are openly accessible and unprotected — and more than half of these have already been the target of an active crypto-mining campaign.
Without doubt, the move to modern application architectures has ruthlessly exposed the limitations of traditional approaches to application security, where security is too often overlooked until the very end of the development process, and developer and security teams operate in isolation. It has also highlighted the shortcomings of siloed vulnerability scanning solutions which don’t provide IT teams with full or unified visibility across their application landscape, and particularly within Kubernetes environments.
Application owners are urgently looking for new solutions to manage the soaring levels of security risk and complexity they’re facing across an ever more fragmented and dynamic application landscape. To triage issues and align IT teams as fast as possible, organizations need to know where vulnerabilities exist, how likely it is that they will be exploited, and how much business risk each issue presents. But, in most IT departments, this simply isn’t possible at the moment.
The benefits of business risk observability
In order to securely develop and deploy modern applications, organizations need expanded visibility into cloud native environments. IT teams need to be able to correlate security issues across application entities (including business transactions, services, workloads, pods and containers) to quickly isolate issues and rapidly apply fixes to reduce mean time to remediation (MTTR).
Technologists need both a comprehensive overview of their application security issues and granular detail of where and how a vulnerability could impact critical areas of their application.
But this level of security data on its own isn’t enough for IT teams to cut through the overwhelming volumes of alerts and issues that they’re encountering on a daily basis within their Kubernetes environments. On top of this, they also need business context on their security findings, to rapidly locate, assess and prioritize security risk and remediate issues based on potential business impact.
With business risk observability, organizations can bring together application performance data and business impact context with vulnerability detection and security intelligence to identify which business transactions present the greatest risk to the business. They can generate a business risk score for all vulnerabilities which allows teams to prioritize those issues which could do most damage to the business — for example, those which involve the most sensitive customer data.
Crucially, business risk observability brings together application and security teams around a single source of truth for all application availability, performance and security data. In the era of zero-day threats, where all teams need to work cross-functionally on secure deployments of modern applications, business risk observability provides a platform for a DevSecOps approach within the IT department. Security can be integrated into the application lifecycle from the outset, with development teams adhering to the organization’s most critical security priorities and embedding robust security into every line of code. This results in more secure applications and easier security management, before, during and after release.
The move to business risk observability is gathering pace
With cloud native infrastructure teams under the pump to manage a constantly evolving risk landscape, there is a growing groundswell of demand for business risk observability. Recent research from Cisco found that 93% of technologists now regard having the ability to contextualize security and to prioritize vulnerability fixes based on potential business impact as important.
IT teams are acutely aware that they need to implement new solutions and adopt new ways of working to handle rising threat levels within Kubernetes environments. Indeed, with Gartner predicting that 95% of new digital workloads will be deployed on cloud native platforms by 2025, the scale of this challenge is only going to increase. Organizations can’t afford to delay on this — with application security now the foundation for brand trust and loyalty, the consequences of a security breach are potentially catastrophic.
Business risk observability provides application owners with an effective response to this growing threat, enabling IT teams to observe, prioritize and act on security issues to accelerate response times and keep their organizations and customers safe at all times.