Decentralized Cybersecurity: Changing How We Think About IT

This blog post came about after repeated conversations, both with co-workers and customers of DNSFilter. I realized what we were talking about when we discussed the modern IT stack was really a decentralized cybersecurity program: A layered security architecture where an ecosystem of software would work together to protect and insulate your organization, specifically for endpoints. 

The need for this is twofold: 

  • Legacy solve-for-everything solutions just don’t work in 2021
  • A decentralized plan allows IT organizations to be agile, and for once embrace (or at the very least live with) the shadow IT that’s been feared for so long

We are not advocating for the death of IT departments. Instead, we want IT and cybersecurity to have a stake in the ground in every department.

Decentralized IT vs. Decentralized Cybersecurity

These are two different things, but you can’t have one without the other.

IT (and by extension, cybersecurity tools implemented by IT) is no longer separate from the rest of the business unit. Instead, it needs to be integrated. 

Decentralized IT is all about giving IT a stake in the ground in every department. That means an IT liaison in marketing, sales, finance, DevOps, etc. These liaisons take on special projects, such as building the infrastructure for large data warehouses and maintaining those systems. They are specialists, not generalists.

Decentralized cybersecurity is a product of decentralized IT. Where decentralized IT is the act of integrating IT within the business to give each department an invitation to the IT table, decentralized cybersecurity is the act of protecting users where they are. 

We are no longer protecting whole departments or an entire company at one level. We’re fashioning a security life preserver for each person (and endpoint). Everyone gets their own preserver instead of having large lifeboats on-deck ready to deploy. 

It’s not just remote work that has led to the need for personalized cybersecurity. Each user in each department (not counting the IT liaisons) is a specialist in their own right. Your marketing team might use a few shared tools, but there will certainly be one person who uses hardware or software unique to them.

You might be screaming “That’s Shadow IT!” at this point, but that’s where I’ll argue that this is just the way we need to all start working in 2022.

The goal is to put a cybersecurity infrastructure in place that enables individuals and their departments to work with agility. They can adopt the software and tools they need without waiting for IT sign-off, because their cybersecurity is already taken care of regardless of what they choose to use. Granted, there should be policies in place that dictate how new tools are installed and security measures that should be used whenever available (such as multi-factor authentication).

The modern tech stack, zero trust policies, and endpoint-first thinking are the centurions standing watch over all paths. 

Hybrid Work is the New Normal

We’ve all heard how the pandemic drove companies to rethink how they work. Most scrambled to find solutions to send employees home while maintaining the throughput expected at the office. With little time to plan for the mass exodus from the office the solutions were cobbled together haphazardly. Now is the time to take a step back and deal with the fallout because working remotely will continue. We may not see the levels of remote work we saw in March 2020. But as the new adage goes: “Work is where the laptop is”.

Shadow IT is not a Fad

I often read stories where IT battles against other departments bringing random SaaS apps into the organization like this epic reddit rant. Cloud offerings are easier to onboard, typically narrowly focused, and have their own support channels. 

SaaS is a staple of the modern org and IT departments need to accommodate. Gartner forecasts end-user spending on public cloud services to reach $396 billion this year—and grow 21.7% to reach $482 billion in 2022 and the pandemic has only intensified the trend. The “check with IT first” sentiment is real, but it’s an outdated paradigm that needs to change. There are many problems with IT being the gatekeeper of all digital assets in an organization:

  • Slows progress
  • Creates and emphasizes animosity
  • Disassociates department budgets

So how does IT keep the organization secure and retain flexibility?

IT has evolved to the point where shadow IT is just a part of life. We can optimize our security processes to account for the inevitability of shadow IT.

Webinar Resource: Security happens wherever your end users are.

Watch our on-demand webinar with DNSFilter's Product Manager Mikey Pruitt as dives more into the topic of decentralized cybersecurity and covers the following topics:

  • The current state of IT and the decentralized approach
  • Major cyber attacks in 2021
  • Rethinking shadow IT
  • Perimeter Defense and Detection & Response

Sign up to access the Decentralized Cybersecurity Webinar here!

  • There are no suggestions because the search field is empty.
Latest posts
DNS Price: Total Cost of Ownership Analysis DNS Price: Total Cost of Ownership Analysis

Mastering IT Budgets: How to Conduct a Thorough Total Cost of Ownership (TCO) Analysis of Your IT Infrastructure

In today's rapidly evolving technological landscape, enterprises are continually seeking ways to optimize their IT investments to enhance efficiency and reduce costs. One crucial metric that aids in this endeavor is the Total Cost of Ownership (TCO). Understanding TCO is vital for companies, especially when evaluating DNS solutions and...

The Real Price of Free DNS Services: What You Need to Know The Real Price of Free DNS Services: What You Need to Know

Domain Name Systems (DNS), essential for translating domain names into IP addresses, are the backbone of internet browsing. In a digital landscape where operational efficiency and security are paramount, the allure of free DNS services is understandably strong—especially among small to medium-sized businesses and tech-savvy individuals looking to optimize network security without substantial costs. This article aims to provide a comprehensive und...

RSAC 2024 Recap: The Start of a New Era with AI RSAC 2024 Recap: The Start of a New Era with AI

Last week was the 33rd Annual RSA Conference 2024 in San Francisco. If you’re in the cybersecurity industry, you know it as one of the biggest events of the year. There were over 40,000 official attendees and an equal number traveling to San Francisco to unofficially attend the event.

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.