
Why Converged Security matters: you locked all the doors but your window is open


Anyone remember Nimda, Code Red or Blaster?


At the time when Nimda and Code Red struck (2001) I was working as a web application manager. Within hours of the worms attacking, it was all over the news and within 24 hours we had web pages up, advertising enhancements to our security scanning service that could handle these new infections.


Fast forward to 2013 and the Target security breach.  Hackers began their attack some two months before they actually began to steal credit card data. On Nov 27th they made it into Target’s network, but it was not until Dec 18th – more than three weeks later – after being notified by the authorities, that Target publicly acknowledged the attack.


Keeping pace with the security threats


In essence, the bad guys are getting better and we are not keeping up. So how can a bunch of criminals defeat some of the most sophisticated technology available today? The reason is simple: the bad guys have moved on. They are no longer trying to break down the door or pick the front gate lock; they just come in through the open window. Research suggests that 84 percent of attacks occur against applications and that it takes 27 days on average to detect and remedy an attack. It would seem that we are either looking in the wrong place or don’t fully understand what we are seeing until it is often too late – or both.


Corporate IT is spending billions on anti-virus software, IDS and firewalls. But how many enterprises are spending any money at all on integrating security and monitoring or building security into their application development lifecycle? Unfortunately, the answer is not many. Research suggests that we spend five times more on perimeter defense than on internal controls.


For most IT organizations, IT security is in its own functional silo. This is like thinking that healthy living means you only need to go to the gym. If you smoke, drink excessively, eat unhealthy foods or live a stressful life, chances are you will get sick, even if you can bench 150 pounds or run a six-minute mile. Security is no different. The bad guys will find a way in unless security is approached holistically and woven into the entire IT value chain.


This is why Converged Security matters.



So what is Converged Security? This is best illustrated visually:

[Image: Miron_why converged security matters pt 1.png]


Converged Security brings security practices, disciplines, considerations, processes and tools into “mainstream IT” to help organizations become proactive in reducing the risk to their businesses.


The pillars of Converged Security


We, at HP, have identified 4 main use cases for Converged Security:

  • Secure asset lifecycle management
  • Augmented cyber operations
  • Security compliance & automated remediation
  • Secure application lifecycle management


In the following blogs, I will expand on each of these use cases and describe them in more detail.




Nice post, Miron.


It's interesting to notice that you talk about the need for IT Ops and Security to have a "single version of truth" - which is essentially the same as saying that they have shared models and shared views onto the states of those models. They don't necessarily need to see the same details of each model of its state, but they must both be looking at the same model.


This is EXACTLY the same point made by Shamim Ahmed in the post below yours on Dev Ops. In order to achieve continuous "everything" from build thru to run, we must have the same model and the same view onto the state of that model. 


I think that one of the key points with Dev Ops is that it's very difficult to get anything continuous unless you have automation. And the key cost, the work "hump" we have to get over, in order to get automation is modeling that automation. And automation is based on the models we have - the model of the app, the model of what and how we test the app, and the model of what we have put the app onto when it goes into production.


Once we have a common model, augmented as we go from build thru test and into production, modelling the automation becomes as easy as it can be. 




Thanks for your comments, Mike.

I am not surprised Shamim's post and mine put forward similar views. We both have been, for a while now, talking about the IT Value Chains, and we are not alone. This paradigm has been validated with customers through the joint work done in the IT4IT Consortium. The main thrust is that there are 4 value streams which form the underpinning of any IT organization. Models and data and how different entities such as defects, service requests or incidents are processed along the chain is central. So you are right in your statements about a common model. But there is more than that. The value chain approach is what makes automation really deliver value.

If you look at IT as a manufacturing company you begin to realize that while pockets have been automated, in reality the impact is often muted since automation was not implemented with an end-to-end view. DevOps is a case in point. While the Dev side has automated and optimized, apps are not getting to users much faster. This is not because the Ops side is not automated but rather because it is not automated where it is needed. The IT value chains give you this end-to-end view that everyone can align to, bearing in mind that alignment is not just on process and hand-off points but also on KPIs and metrics.

I have elaborated on this topic in a white paper called "From futile to agile".

This is why I am saying that Security cannot just be an overlay. You need to look at the IT value chains and figure out where and how you will integrate security in a manner that will allow you to be proactive. When security "happens" because it is built into the value chain, it has much better chances of success.




Interesting approach to deal with increasing security threats facing enterprises.


In my view, there is a need to re-define the NEW WAY OF SOC (Security Operations & Control), which means a new definition of skilling resources, use of the technology and data interpretation / analytics, requiring a combination of the security fundamentals covering Apps to Ops and conventional ops mgmt.


Traditionally, SOC and NOC remained separate, so that data in SOC is not accessed by NOC. However, this approach defines convergence and hence a need to redefine the approach holistically, which truly is an IT Risk Management approach and should be fulfilled within the boundaries of the regulatory policies applicable for each industry.


It would be good to elaborate on how we are addressing the regulatory requirements as well.

