Decentralized Cybersecurity: Changing How We Think About IT

This blog post came about after repeated conversations, both with co-workers and customers of DNSFilter. I realized what we were talking about when we discussed the modern IT stack was really a decentralized cybersecurity program: A layered security architecture where an ecosystem of software would work together to protect and insulate your organization, specifically for endpoints. 

The need for this is twofold: 

  • Legacy solve-for-everything solutions just don’t work in 2021
  • A decentralized plan allows IT organizations to be agile, and for once embrace (or at the very least live with) the shadow IT that’s been feared for so long

We are not advocating for the death of IT departments. Instead, we want IT and cybersecurity to have a stake in the ground in every department.

Decentralized IT vs. Decentralized Cybersecurity

These are two different things, but you can’t have one without the other.

IT (and by extension, cybersecurity tools implemented by IT) is no longer separate from the rest of the business unit. Instead, it needs to be integrated. 

Decentralized IT is all about giving IT a stake in the ground in every department. That means an IT liaison in marketing, sales, finance, DevOps, etc. These liaisons take on special projects, such as building the infrastructure for large data warehouses and maintaining those systems. They are specialists, not generalists.

Decentralized cybersecurity is a product of decentralized IT. Where decentralized IT is the act of integrating IT within the business to give each department an invitation to the IT table, decentralized cybersecurity is the act of protecting users where they are. 

We are no longer protecting whole departments or an entire company at one level. We’re fashioning a security life preserver for each person (and endpoint). Everyone gets their own preserver instead of having large lifeboats on-deck ready to deploy. 

It’s not just remote work that has led to the need for personalized cybersecurity. Each user in each department (not counting the IT liaisons) is a specialist in their own right. Your marketing team might use a few shared tools, but there will certainly be one person who uses hardware or software unique to them.

You might be screaming “That’s Shadow IT!” at this point, but that’s where I’ll argue that this is just the way we need to all start working in 2022.

The goal is to put a cybersecurity infrastructure in place that enables individuals and their departments to work with agility. They can adopt the software and tools they need without waiting for IT sign-off, because their cybersecurity is already taken care of regardless of what they choose to use. Granted, there should be policies in place that dictate how new tools are installed and security measures that should be used whenever available (such as multi-factor authentication).

The modern tech stack, zero trust policies, and endpoint-first thinking are the centurions standing watch over all paths. 

Hybrid Work is the New Normal

We’ve all heard how the pandemic drove companies to rethink how they work. Most scrambled to find solutions to send employees home while maintaining the throughput expected at the office. With little time to plan for the mass exodus from the office the solutions were cobbled together haphazardly. Now is the time to take a step back and deal with the fallout because working remotely will continue. We may not see the levels of remote work we saw in March 2020. But as the new adage goes: “Work is where the laptop is”.

Shadow IT is not a Fad

I often read stories where IT battles against other departments bringing random SaaS apps into the organization like this epic reddit rant. Cloud offerings are easier to onboard, typically narrowly focused, and have their own support channels. 

SaaS is a staple of the modern org and IT departments need to accommodate. Gartner forecasts end-user spending on public cloud services to reach $396 billion this year—and grow 21.7% to reach $482 billion in 2022 and the pandemic has only intensified the trend. The “check with IT first” sentiment is real, but it’s an outdated paradigm that needs to change. There are many problems with IT being the gatekeeper of all digital assets in an organization:

  • Slows progress
  • Creates and emphasizes animosity
  • Disassociates department budgets

So how does IT keep the organization secure and retain flexibility?

IT has evolved to the point where shadow IT is just a part of life. We can optimize our security processes to account for the inevitability of shadow IT.

Webinar Resource: Security happens wherever your end users are.

Watch our on-demand webinar with DNSFilter's Product Manager Mikey Pruitt as dives more into the topic of decentralized cybersecurity and covers the following topics:

  • The current state of IT and the decentralized approach
  • Major cyber attacks in 2021
  • Rethinking shadow IT
  • Perimeter Defense and Detection & Response

Sign up to access the Decentralized Cybersecurity Webinar here!

Search
  • There are no suggestions because the search field is empty.
Latest posts
A Smarter Way to Manage Roaming Clients: The New DNSFilter Experience A Smarter Way to Manage Roaming Clients: The New DNSFilter Experience

Managing endpoint security across an organization—whether as an MSP overseeing multiple customers or an admin overseeing a tech stack—should be simple, efficient, and effective. That’s why we’re excited to introduce a revamped Roaming Client management experience, designed to provide greater confidence and ease in managing your fleet of DNSFilter Roaming Clients.

What the ISO 27001 Regulation Means for DNS Security in 2025 What the ISO 27001 Regulation Means for DNS Security in 2025

Why DNS Security Matters for ISO 27001 Certification

DNS security is more than just a technical concern—it’s a pillar of ISO 27001 compliance. As businesses work to protect sensitive data, secure network infrastructure, and meet regulatory requirements, DNS security solutions play a critical role in achieving ISO 27001 certification and ensuring compliance with evolving security standards.

Platform, Fires, and You: Navigating the Fine Line Between Operations and Development Platform, Fires, and You: Navigating the Fine Line Between Operations and Development

The Old-School Operations Role: Backbone or Bottleneck?

In the early days of IT, the operations team was the unsung hero—the silent, and often siloed, force that kept everything running. They were responsible for the infrastructure: Servers, databases, and networks that powered the business. They managed deployments, monitored systems, and ensured uptime. If it was working, no one noticed them. If it wasn't? Well, then the questions started: "Wha...

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.