Juniper’s CISO Discusses the Evolution of the SOC

In this interview, Juniper Networks’ CISO talks about the security challenges she and her peers are facing, and why it’s critical to have an overarching security approach.


Sherry Ryan, VP and CISO, Juniper Networks
Sherry Ryan joined Juniper in 2013. Previously, she was CISO of Blue Shield of California and, before that, HP. She also has held high-ranking IT security positions at Safeway and Levi Strauss. In this interview, Sherry talks about the evolution of the Security Operations Center and the value of a Software-Defined Secure Network.

What are the predominant security challenges facing enterprise CISOs today?
Regulatory environments and requirements are becoming increasingly complex. They’re a huge challenge for organizations as countries and individual states in the U.S. add new privacy and cyber laws.

Another challenge and big concern for us is that customers have greater expectations in terms of the security of their data.

We’re also seeing escalating threats and a rapidly evolving technology landscape. Everything is currently in or moving to the cloud now. And while there are many innovative solutions in the security space, they’re typically just point solutions.

On top of all this, there’s a major shortage of skilled security talent.

How has the enterprise Security Operations Center (SOC) evolved in the past decade, and what is driving these changes?
Ten years ago, SOCs didn’t know what their mission was. They didn’t know what to do with all the data they were getting from firewalls, intrusion detection, and protection systems. And they certainly couldn’t handle unknown threats. So SOCs took on other tasks to prove their value to the rest of the organization. For example, they might have ordered new SSL certificates for servers throughout the organization, added and deleted users, granted access to applications and devices across the network, and the like. Following the trend of mega breaches, today’s SOCs are focused sharply on incidents and threats coming at the enterprise.

Also, 10 years ago there wasn’t much in the way of automation, so events tracking was done manually in spreadsheets. Today, SOCs use automation, including tools to help them detect, alert, handle responses, and mitigate. This has enabled SOCs to take on higher-level defense tasks.

Does the growing complexity of enterprise networks require security professionals to adopt new strategies to effectively secure data and other assets?
Absolutely. With the kinds of tools and automation we have today, we can take a more holistic view of the network. And even though our networks are becoming more complex, newer technologies and architectures make it easier for us to understand what’s where in the network and the state of security across that network. The innovative, new automation capabilities allow us to achieve that continuous state of protection.

How can Software-Defined Secure Networks (SDSNs) help enterprises provide protection across multi-platform, multi-vendor, multi-site environments?
SDSN essentially self-drives security for the network. It enables SOCs to centralize and automate security, giving them the ability to move beyond the days when you had a strong perimeter and would focus on prevention. In the modern organization, we don’t have the luxury of having a strong perimeter, so we have to focus on improving our ability to detect outside and inside threats and respond to them quickly. And that’s exactly what the SDSN does.


Copyright © 2017 IDG Communications, Inc.