Cybersecurity mesh architecture is a composable and scalable approach to extending security controls, even to widely distributed assets. Its flexibility is especially suitable for increasingly modular approaches consistent with hybrid multi-cloud architectures. CSMA enables a more composable, flexible and resilient security ecosystem. Rather than every security tool running in a silo, a cybersecurity mesh enables tools to interoperate through several supportive layers, such as consolidated policy management, security intelligence and identity fabric.

• Cybersecurity mesh architecture (CSMA) provides a foundational support layer that enables distinct security services to work together to create a dynamic security environment.
• CSMA provides a more consistent security posture to support increased agility for the composable enterprise. As organizations invest in new technology to enable digitalization, CSMA provides a flexible and scalable security foundation that provides bolt-on security for assets in hybrid and multi-cloud environments.
• CSMA creates a better defensive posture through a collaborative approach between integrated security tools and detective and predictive analytics. The outcome is enhanced responsiveness to breaches and attacks.
• Cybersecurity technology delivered through this model takes less time to deploy and maintain, while minimizing the potential for security dead ends that cannot support future needs. This frees cybersecurity teams for more value-added activities.

1. Security Analytics and Intelligence: Solutions at this layer focus on collecting, aggregating, and analyzing security data from various security tools. Based on this data, solutions such as security information and event management (SIEM) and security orchestration automation and response (SOAR) tools can analyze potential threats and trigger appropriate threat responses.
2. Distributed Identity Fabric: This layer focuses on providing identity and access management services, which are central to a zero-trust security policy. Capabilities include decentralized identity management, directory services, identity proofing, entitlement management, and adaptive access.
3. Consolidated Policy and Posture Management: Managing and enforcing consistent security policies across various environments requires translating policies for different environments. Solutions at this level convert policies into the rules and configuration settings needed for a particular environment or tool or can provide dynamic runtime authorization services.
4. Consolidated Dashboards: An array of discrete and disconnected security solutions impedes security operations by forcing context switches between multiple dashboards. This layer provides integrated visibility into an organization’s complete security architecture, enabling more efficient detection, investigation, and response to security incidents.

Existing approaches to identity and security architectures are not sufficient to meet today’s rapidly changing demands. CSMA helps provide a common, integrated security structure and posture to secure all assets, whether they’re on-premises, in data centers or in the cloud. CSMA enables stand-alone solutions to work together in complementary ways to improve overall security posture by standardizing the way the tools interconnect.

For example, it centralizes policy management and helps move control points closer to the assets they are designed to protect. Users, devices, applications and data have left the traditional office and data center. This means that a single network perimeter no longer exists to judge that “inside is good and outside is bad.” Identity and context have become the ultimate control plane in a distributed environment that supports assets and access from everywhere. CSMA’s distributed identity fabric provides trusted access by our workforce, clients, business partners and things.