(Source – Shutterstock)

Can CSMA improve cybersecurity visibility and protection?

The biggest buzzword in cybersecurity right now is the cybersecurity mesh architecture (CSMA). An architectural approach proposed by Gartner, CSMA promotes interoperability between distinct security products regardless of location to achieve a more consolidated security posture.

Analysts from Gartner predict CMSA to be a top technology strategic trend in 2022. In fact, Gartner believes that by 2024, organizations adopting a CSMA will reduce the financial impact of security incidents by an average of 90%.

With networks becoming complex and increasingly distributed, one of the biggest problems in responding to cybersecurity issues. Many companies deploy a range of point security solutions with the goal of addressing specific security risks. However, this creates a security silo. Not only will solutions become complex, but they will also be difficult to monitor and manage, leading to missed detections and delayed responses.

According to Daniel Kwong, Fortinet’s Field CISO for Southeast Asia and Hong Kong, CSMA is basically a unified management platform on how to handle different types of security tools on a single pane of glass.

Designed for the shift towards hybrid, multi-cloud environments where organizations may need to deploy consistent security across diverse, evolving, and expanding IT environments, CSMA defines a framework in which discrete security solutions can work together towards common goals. CSMA enables a more collaborative, flexible, and scalable approach to meeting evolving security needs.


Daniel Kwong, Fortinet’s Field CISO for Southeast Asia and Hong Kong. (source – Fortinet)

Kwong pointed out that while zero trust, SASE, and other solutions are concepts in cybersecurity to protect the infrastructure, most of them are all in a silo. CSMA brings it all together to deal with threats, which is why its viewed as a unified approach to cybersecurity management.

“CSMA allows intelligence to be implemented or deployed when there is a serious attack. For example, during the Log4J vulnerability last year, the intelligence to deal with it can be seamlessly wired through the CSMA to be deployed to all products for better security measurement,” commented Kwong.

Kwong also pointed out that when it comes to cybersecurity solutions, most cybersecurity vendors develop them based on the latest technologies available. For example, now that AI is available, most cybersecurity products are built to use AI. While this is revolutionary, the problem is, the integration of the product with different product points is often not considered.

CSMA and Security Fabric

Interestingly, Kwong highlighted that Fortinet’s Security Fabric is almost the same as CSMA. Having been around for almost a decade, Fortinet spearheaded the doctrine that a broad, integrated, and automated cybersecurity mesh platform is essential to reducing complexity and increasing overall security effectiveness across today’s expanding networks.

New and increasingly complex trends, like remote and hybrid working, are the perfect use cases for a unified security mesh architecture. These modern working models require multiple solutions to work together across a dynamic set of campus and data center assets, distributed home offices, and cloud-based applications.

With that said, Kwong explained that be it CSMA or security fabric, the most important thing for organizations to have is visibility.

“When people talk about cybersecurity, they always jump into protection. But they need to understand and realize that visibility is more important. Without visibility, we keep adding solutions and will be not if the organization is really being protected,” added Kwong.

As such, once there is visibility and zero trust, there will be a need to increase the security posture. This is where a CSMA approach can be used to deploy to all solutions. For example, AI automation would be able to provide faster responses to any threats through CSMA.

In short, a broad, integrated, and automated cybersecurity mesh platform will provide centralized management and visibility, as well as be able to support and interoperate across a vast ecosystem of solutions, and automatically adapts to dynamic changes in the network.