A string of high-profile cybersecurity data breaches have compromised the information of more than 1 billion people, and that’s just in 2018 alone according to Avast Blog. It is not surprising that panelists at the first-ever Mizuho Cybersecurity Summit report budgets are healthy these days, accounting for five to ten percent of total IT spend for many organizations. So what are companies spending their money on, when it comes to securing their networks?

The inaugural summit, hosted by Software Equity Research Analyst Gregg Moskowitz, featured an in-depth Chief Information Security Officer (CISO) panel discussion with large customers in the financial, healthcare, and home construction industries, and found some resounding themes.

Trust “Zero Trust”

“Zero Trust” refers to an alternative architecture for IT security in which even an organization’s internal network should not be automatically deemed trustworthy. Conventional security models focus on a network’s boundaries, monitoring for external threats that seek to penetrate the network. But attacks are now more sophisticated and insider threats are more common – meaning that new security measures are needed to monitor, prevent, and stop threats from spreading.

While the zero trust framework has been around for many years, it has gained significant momentum in the past two years – becoming more important particularly as organizations move to the cloud. According to the panelists, it is viewed by many as a wise cybersecurity approach, and more and more companies are choosing it as the best method to maintain secure networks.

No Cloud is Alike

Transitioning from reliance upon on-premise servers and computer hard drives, to that of remote internet-based servers for data storage, helps companies save money and reduce risk. The panel agreed that it’s important to embrace the cloud, but it also became clear that companies aren’t adopting cloud-based technologies in uniform fashion.

Some companies, for example, are in the process of a major, comprehensive cloud transformation, while others opt for private cloud architecture and virtualization. The distinction in terms is greater than their names might imply. While cloud transformation connects various storage and networking systems into consolidated resource pools, private clouds use virtualization to segment one server into multiple environments. The underlying infrastructure is largely the same, but each method differs in how it is controlled and deployed.

Firewalls Remain Important

As has long been the case, firewalls are a critical component of any security suite, but according to Gregg Moskowitz, there has been a clear and ongoing trend in the last two to three years toward virtual firewall purchases as opposed to physical. As their names imply, virtual firewalls are software-based and operate entirely within a virtual environment, while physical firewalls are more expensive hardware that contain an operating system and have ancillary security functionality.

Some companies utilize a substantial number of virtual firewalls, while other organizations still predominately leverage physical firewalls for their large environments. However, it isn’t necessarily an either/or scenario: virtual firewall deployments continue to be largely expansionary in nature rather than cannibalistic at this time, says Moskowitz.

 

Mizuho Americas is a leading financial institution comprising several legal entities that offer services which include corporate and investment banking, financing, securities, treasury services, asset management, and research. If you are interested in learning more about Mizuho's Equity Research offerings, please call Mizuho Securities USA LLC at +1-212-209-9300.