Q&A: Creative Artists Agency – Adaptive Security for This Agile Team
CISO Jeff Blair discusses how Illumio helps his team more easily understand and control what’s happening inside the network.
Jeff Blair is responsible for the secure delivery of services and systems at CAA.
CISO, Creative Artists Agency
How have you seen the role of information technology change over the last five years?
JEFF BLAIR: IT has changed from delivering basic IT services to partnering with the business to ensure that the right information is available at the right time.
From a security perspective, it means that we aren’t just locking down systems in order to protect the business’s data. Instead, we need to ensure that people can get to the systems that they need in a secure way and that it’s easy for them to do so.
We no longer have the proxy of system lock downs and preventing behaviors and actions on systems that we had in the past. Those proxies are gone. We have to find better ways to protect closer to the data to ensure that we are able to log and monitor behaviors rather than block access.
Why did you choose Illumio?
JEFF BLAIR: The thing that really sold us on Illumio was the ability to separate out the control of security from the enforcement of security—and having the control be able to be a cloud service, be centrally monitored, and have the ability to be accessed from any system, regardless of whether it’s deployed in one of our data centers or in the cloud. We can have a unified view of security across multiple servers.
The other piece that was important to us was that we could also distribute access across the teams who were actually deploying services. This helps to support our continuous delivery model. We’re no longer reliant on one person or a small team in order to make firewall configuration changes for which they don't really know the context.
Delivering applications and data to our employees regardless of location or device is a cornerstone of our IT strategy, Illumio ASP provides us with a unified security approach both inside the corporate datacenter and on the public cloud.
How is having Illumio changing your security approach?
JEFF BLAIR: It’s allowed us to more securely move outside of our data centers. We still have a considerable number of systems that are deployed in traditional data centers, but we are also moving rapidly to cloud services and cloud infrastructure services so we can deploy those systems without having to rely on purchasing hardware.
What are some of the best features of Illumio?
JEFF BLAIR: I think the best feature of Illumio is the ability to visualize network communications between systems and then enforce policies. With Illumio we are able to quickly understand what systems talk to each other, see that in the context of the applications that are deployed on those systems, and respond quickly when something tries to communicate outside of the normal boundaries.
Illumio has also let us create a new system of boundaries quickly and understand them in a visual way rather than as code stuck away on a firewall somewhere that really only a small set of our team understands how to interpret and how to configure.
What are some of your favorite sources for technology information trends?
JEFF BLAIR: A lot of the information I get comes from reading—and it's not necessarily traditional security sources.
One of the things that informed my security posture and view on risk was Nassim Nicholas Taleb’s book, The Black Swan, which helped me understand how to protect against outlier events and what we should be looking for versus the constant stream of normal occurrences.
From an investigative reporting capability, Brian Krebs is really doing some incredible work beating large news sources to security stories. The Security Weekly podcast is a very useful source of security information; it really introduces me to a wide variety of security professionals.