In this interview we are going to talk with Drew Simonis, Chief Information Security Officer at Juniper, a multi-awarded company developing industry-leading software powered by artificial intelligence that helps Fortune 500 firms, like Aston Martin and Zoom, solve cybersecurity problems before they happen.
He will guide us through Juniper’s extensive offer of security products, after which he will give some tips on the most common vulnerabilities in 2022 and the most recent cybersecurity trends.
Please describe the story behind Juniper: How did it all start, and how has it evolved so far?
Since 1996, Juniper Networks has worked to simplify the complexities of networking with our products, solutions and services. Our founder, Pradeep Sindhu, realized the impact routers could have on a network, which culminated in us releasing our first product, the M40 router, in 1998. Since then, we’ve scaled from a small startup to a public company with over $4.7 billion in revenue. We co-innovate with our customers and partners – including some of the world’s top cloud providers, universities, banks, retailers and tech companies – to deliver automated, scalable and secure networks with agility, performance and value. Our business has continued to evolve and diversify over the years, nicely splitting between telco, hyperscalers and global 100 enterprises. Through the acquisition of AI-driven wireless company Mist in 2019 and three additional acquisitions in recent years, we’ve been on a journey to transform into a software-led company to stay true to our vision to provide Experience-First Networking for our customers.
Can you give us an overview of your network security products?
Juniper’s Connected Security portfolio includes solutions for SASE (Secure Access Service Edge), next-generation firewalls, threat detection and mitigation, secure SD-WAN, public cloud security, Zero Trust data center and service provider security. Most recently, Juniper announced new Secure Edge Cloud Access Security Broker (CASB) and Data Loss Prevention (DLP) capabilities to simplify SASE, becoming the first vendor to provide users full-stack SASE with visibility into the edge and data center.
In your opinion, what are the key elements that make a network really secure?
A secure network has three important attributes: visibility, control and management. First, it is important to be able to understand how the network is designed and how it is desired to function. This includes what should be connected to what and how those connections are established. This isn’t trivial because oftentimes, branch offices or other locations will be found that have added things like local internet breakouts.
To add to the complexity is the increased prevalence of remote work, where endpoints live on home networks without any visibility. This plays into the control piece – the intent of the network needs to be able to be enforced in a way that is as transparent to the users as possible. Fundamentally, if security breaks users, they will break security. Therefore, things like next-generation firewall services need to be well-considered in placement and policy.
The third element, management, is vital. All the visibility and controls need to be sustained and done so in a way that minimizes the administrative burden, maintains the integrity of the controls, provides fast response times to change requests and ensures good overall performance.
In your experience, what are the typical vulnerabilities that online businesses fail to address?
In my experience, businesses don’t spend enough time on secure design or defensive coding and they often struggle with good management process. The combination of these things puts the organization in a precarious position because a less secure design is inherently more prone to a wide range of issues – from bad access control to the myriad of flaws in commercial and open source software. Often, poor design leaves few workarounds or mitigating factors that could limit the exposure of those issues.
This means the company is reliant on rapid response to eliminate the issue, once identified. However, all too often, ad hoc processes are used, which tends to be resource and time intensive. In addition, it is human nature for more mistakes to be made when under a time crunch. The more issues that can be eliminated during the “design and build” phase, the less stress there will be in the “manage and run” phase.
How do you see cybersecurity evolving in the next few years?
“Evolving” is the right word. We are in the early days of some pretty major changes: Zero Trust, EDR/XDR, orchestration/automation, cloud migration and even AI. Many of these are multi-year undertakings and I think we will soon start to move from the growing pains of them into full size adoptions. Zero Trust especially is being implemented in so many ways that I think we will see more standardized architecture, practices and supporting technologies emerge.
We are also getting smarter about the need for speed in areas like monitoring and response and we will move from automating existing processes to really redesigning how we do work in the context of orchestration. This includes really linking security together with IT orchestration as it matures. AI is the wild card as there are many prerequisites, not the least of which is getting the right visibility and data for a model to really understand an enterprise network. Then, we need to grow comfortable with automated decision-making. For those reasons, real wide use of AI for security might be more than a few years away.
Lastly, what’s in the future for Juniper?
Juniper’s goal is to help organizations take the complexity out of their networks and deliver superior customer and end user experiences. Our mission statement is to “power connections and empower change” with our experience-first networking solutions. With Juniper Connected Security, we’re here to support enterprises, service providers and cloud providers with making their networks threat-aware to keep attackers at bay and the network clear for business-critical traffic. Juniper is dedicated to helping customers on their transitions to a SASE architecture, no matter where they are at in their journey.
We’ve also continued to build toward a true self-driving network that eliminates busy work and allows IT teams to focus on more fulfilling tasks. Juniper designs AI-based products and solutions with the goal of solving networking and security problems.