Understanding tech buzzwords like cybersecurity mesh

Cybersecurity mesh
04 Oct 2023

Everything is done online nowadays – whether that is banking, research, storing data, storing passwords, writing fees, drafting pleadings, and even making new acquaintances. Our lives and often our businesses are all online and in the Cloud.

That can leave us with a twinge of unease.

Especially when one considers that cybercrime is on the increase. In fact, according to the article Cybersecurity Trends & Statistics For 2023; What You Need To Know

Cyber-crime is growing exponentially. According to Cybersecurity Ventures, the cost of cybercrime is predicted to hit $8 trillion in 2023 and will grow to $10.5 trillion by 2025.

Worst of all, cybercriminals are organised, they have the latest tech and often sport fancy University degrees. By teaming up with other like-minded individuals (aka hackers), cybercriminals develop a sophisticated operation with the sole purpose of extortion. Either money or valuable data. Sometimes both.

Cybercriminals use ransomware to attack companies by compromising networks before installing file-encrypting malware across as many systems as possible. Victims are locked out of files and servers, where after cybercriminals demand a ransom payment (often to be made in cryptocurrency) in exchange for the decryption key. In many cases, the victim pays just to get their systems under their control and their businesses operational once again.

Law firms are not exempt (as set out in our previous article Cybersecurity).

Because law firms handle vast amounts of valuable data on a daily basis, the result is that they are often targeted by dodgy hackers who are trolling the digital landscape looking for an easy win.

And the takeaway here? Something needs to be done to protect your online systems.

But the truth is – you probably know all this already. The long and short of it is – you probably already have cybersecurity measures in place. And good on you.

So, our question to you is this – are you sure?

Have you ever heard of cybersecurity mesh?

Well, that’s what this week’s article is all about – cybersecurity mesh. Which is described by  Caret Legal as an “effective modern response that protects hybrid cloud and remote work scenarios with an adaptable mesh rather than an impregnable wall”.

Intriguing indeed.

Not often included in the list of buzzwords touted by some unscrupulous service providers who claim they can offer you everything and the kitchen sink with their products. But worth learning about, nevertheless. Because the truth is, whether you believe them or not, would you really know if they couldn’t offer cybersecurity mesh?

It’s so easy to get misled by all the buzzwords out there, that most of the time you are taking providers at their word. Not really knowing any better yourself. This may be ok with the providers you know and can trust but what about the new guys on the block that promise you the world? How can you tell the smooth operators from the “keep their promisers”?

One way is to become well acquainted with buzzwords so that you can pick out the take-a-chance “sharks” from the noble (and trusted) workhorses.

And we thought we would help you out with understanding a few of those buzzwords yourself. So that you can decide what is best for you.

Take cybersecurity mesh as an example…

Firstly, what is cybersecurity mesh?

The term cybersecurity mesh was coined by Gartner who defined cybersecurity mesh as follows –

Cybersecurity mesh or cybersecurity mesh architecture (CSMA) is a collaborative ecosystem of tools and controls to secure a modern, distributed enterprise. It builds on a strategy of integrating composable, distributed security tools by centralising the data and control plane to achieve more effective collaboration between tools. Outcomes include enhanced capabilities for detection, more efficient responses, consistent policy, posture and playbook management, and more adaptive and granular access control — all of which lead to better security”.

Or perhaps as succinctly described by Insight as –

a cyber defense strategy that independently secures each device with its own perimeter — such as firewalls and network protection tools. Many security practices use a single perimeter to secure an entire IT environment, but a cybersecurity mesh uses a holistic approach.”

Cybersecurity mesh is popular in remote working environments and where Cloud computing comes into play – where devices and machines are dispersed across many different locations – all requiring individual protection.

How does cybersecurity mesh work?

According to Insight, creating cybersecurity mesh requires a new endpoint and user-focused solution that keeps individual devices secure. A single solution that’s meant to protect everything within its network is no longer feasible.

We look to Mimecast for a more in-depth explanation –

Designed to consolidate cybersecurity management and orchestration across technology environments, a CSMA is comprised of four layers, each playing a specific role in enabling the central configuration and management of a “mesh” of security controls:

  • Security analytics and intelligence: This layer ingests data and insights from security tools to provide threat analysis and trigger responses.
  • Identity fabric: This is where foundational identity capabilities reside, such as identity proofing and entitlement management.
  • Consolidated policy, posture, and playbook management: This layer orchestrates centralised policy, checks, and coordinates security posture, and manages and orchestrates playbooks.
  • Consolidated dashboards: These offer an overarching view of the ecosystem for security teams.

Assembling these four layers bolsters a company’s cybersecurity posture in a number of ways, enabling more efficient responses, enhanced detection capabilities, more adaptative and granular access control, and more consistent policies and management”.

It’s important to note that cybersecurity mesh is pretty new to the cybersecurity landscape, so things are still a little in a test phase scenario. But one thing law firms can do in the meantime (and in order to get ready for cybersecurity mesh) – is to undertake an asset protection inventory exercise, assessing current cybersecurity controls and seeing whether they match up to the latest tech out there – specifically considering integration with the current legal accounting and practice management system, advanced analytics, and real-time risk scoring capabilities.

Once that groundwork is done, there are four ways – according to Mimecast – that one can begin to work towards a CSMA approach to cybersecurity –

  1. Exploit existing connectivity options: assess what security tools your organisation has already installed, and how these tools integrate. Creating effective connections among existing tools is likely to involve using a mix of vendors’ proprietary integrations as well as open specifications and standards for addressing any vendor interoperability gaps.
  2. Deploy consolidated security platforms: security vendors are increasingly offering consolidated security platforms made up of tightly coupled tools that utilise common data and control planes.
  3. Build your own layers: cybersecurity teams can opt to make targeted investments in each of the four CSMA layers that can give their company flexible capabilities in the short term and support the long-term goal of a cybersecurity mesh.
  4. Evaluate emerging technologies: explore and invest in emerging technology solutions, again with a focus on those that apply data and analytics principles to security information.

There’s no mistaking that the world has become more reliant on what the digital world has to offer. And in this world, law firms must ensure that they keep up with rapid advances in technology capabilities, being certain that they continuously improve on their cybersecurity measures.

So, what’s a law firm to do? Undertake the asset protection inventory exercise as discussed above and start moving towards a CSMA approach. Because not being ready for the latest and most flexible way of protecting your systems means risking attack from cybercriminals who have decided that you are the weakest in the law firm herd.

Be prepared – it’s the best way forward.

And always remember the goal here. Instead of protecting a central network, a cybersecurity mesh will extend a security perimeter around your people, their devices, and their connection points, wherever they’re located. Providing each employee with a security perimeter will mean that a law firm can monitor and maintain different levels of access to each connection point which offers better protection against hackers attempting to access the network (Caret Legal).

The main takeaway from this article? When shopping around for your latest legal tech investment, don’t get hoodwinked by the overuse of technical buzzwords or empty promises of providing you the world – “Sure, we can help you with cybersecurity mesh” – because once you understand what the word means, you will know whether they are a smart investment or not.

(Sources used and to whom we owe thanks: Mimecast; Gartner, Insight, Caret Lega, Forbes, Fortinet and Central Eyes).

If you have any queries relating to legal tech and how you can incorporate it into your practice, get-in-touch and let’s see how we can take your software solution from good to phenomenal.

If you don’t have any software supporting your legal practice yet, it’s not a problem. We are here to help you from scratch too.

AJS – as always – has your back!

See also:

(This article is provided for informational purposes only and not for the purpose of providing legal advice. For more information on the topic, please contact the author/s or the relevant provider.)
Alicia Koch

Alicia Koch is an admitted attorney with over 10 years PQE. She has worked in law firms, has had her own legal consulting company and has been an in-house legal... Read more about Alicia Koch


Running Your Practice articles by

Running Your Practice articles on GoLegal