Thoughts on cybersecurity mesh architecture (CSMA)? Is it just a new buzzword or a genuine step up from Zero Trust and SASE?

Zero TrustSecuritySecurity Strategy & Roadmap+1 more
4.9k views1 Upvote3 Comments
Sort By:
Oldest
Sr. Director of Enterprise Security in Software2 years ago
The idea has a lot of merit. If you can consider your security strategy to be  puzzle pieces fitting together, rather than overlapping silos, there is much to be gained. Between better analytics, using "best in class" products specifically for their niche, and having the freedom to plug in solutions from various vendors, the idea seems really appealing on paper. I think it remains to be seen how the implementation will work, but much as we pushed for open APIs from vendors, having the ability to integrate your tools together to leverage them in a way that suits your use case the best, will be a market differentiator for a lot of products. 
2
CTO in Software2 years ago
It all has its place. I am for knowing your assets, understanding your risks, then using defense in depth strategies to apply protections based on asset's value.
lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals
Director of Enablementa year ago
Hot take: CSMA is SASE without a clear strategy.

SASE should focus on a convergence of technologies and vendor collapse to ensure consistent data context, while simplifying a typical chaos architecture.

CSMA typically takes point products and mashes them together with an overlay to help orchestrate each tier. What you end up with is generally a fragmented approach with a ton of kit you need to keep updated and patched.

CSMA is like a boat held together with duct tape. Sure it works, but you’re going to have to keep quite a few spare rolls on board if you want to sail

Content you might like

We are a large manufacturing company with over 17,000 associates, about half of whom have company-provided cell phones. We average two lost devices per week, which seems low, but executive management is concerned and wants to know if our numbers are typical compared to other companies. My questions are: 1. Do other companies also struggle with lost or stolen devices? 2. What is the average number of lost devices per week? 3. Are there repercussions for associates who lose devices due to carelessness or negligence?

Mobile Device Management (MDM)Mobile DevicesSecurity+2 more
VP of IT in Retail3 days ago
My previous organization implemented a strict one-strike policy for lost or damaged devices. While the first incident was considered an accident, repeat offenders were required to reimburse the company for the lost or damaged ...read more
82 views1 Comment

In the past 6 months, have you seen an uptick in targeted cyberattacks on telehealth devices and networks?

Security & GRCNetworkThreat & Vulnerability Management+2 more

No Increase16%

1-5% increase47%

6-25% increase24%

26-50% increase6%

51-75% increase1%

76%+1%

Other2%

View Results
1.7k views1 Upvote

Any recommendations for a comprehensive GenAI learning platform?

EngineeringData & AnalyticsSecurity Strategy & Roadmap+4 more
IT Manager in Constructiona month ago
Hello,
the topic is so broad, what are you focused on?
Read More Comments
4.8k views2 Upvotes5 Comments

Do you have any dedicated resources for vulnerability patching?

Threat & Vulnerability ManagementSecurity Strategy & RoadmapTeam & Organizational Design

Yes - one person46%

Yes - multiple people46%

No7%

View Results
3.1k views

Does anyone have information about Japan's ESPA (Economic Security Promotion Act) regulation and its applicability, and does anyone have any information on the consultants/assessors who can walk us through the process of complying? 

Peer InsightsSecurity Strategy & Roadmap
78 views