This week we look Gartner’s top 10 technologies for information security, why employees pose a significant risk to company cyber security, and more.
Gartner identifies the top 10 technologies for information security in 2016
Gartner has highlighted the top 10 technologies for information security and their implications for security organisations in 2016.
Cloud Access Security Brokers
Cloud access security brokers (CASBs) provide information security professionals with a critical control point for the secure and compliant use of cloud services across multiple cloud providers.
Endpoint Detection and Response
The market for endpoint detection and response (EDR) solutions is expanding quickly in response to the need for more effective endpoint protection and the emerging imperative to detect potential breaches and react faster.
Nonsignature Approaches for Endpoint Prevention
Purely signature-based approaches for malware prevention are ineffective against advanced and targeted attacks. Multiple techniques are emerging that augment traditional signature-based approaches, including memory protection and exploit prevention that prevent the common ways that malware gets onto systems, and machine learning-based malware prevention using mathematical models as an alternative to signatures for malware identification and blocking.
User and Entity Behavioural Analytics
User and entity behavioural analytics (UEBA) enables broad-scope security analytics, much like security information and event management (SIEM) enables broad-scope security monitoring.
Microsegmentation and Flow Visibility
Once attackers have gained a foothold in enterprise systems, they typically can move unimpeded laterally ("east/west") to other systems. To address this, there is an emerging requirement for "microsegmentation" (more granular segmentation) of east/west traffic in enterprise networks. In addition, several of the solutions provide visibility and monitoring of the communication flows.
Security Testing for DevOps (DevSecOps)
Security needs to become an integral part of DevOps style workflows — DevSecOps. DevSecOps operating models are emerging that use scripts, "recipes," blueprints and templates to drive the underlying configuration of security infrastructure — including security policies such as application testing during development or network connectivity at runtime.
Intelligence-Driven Security Operations Centre Orchestration Solutions
To meet the challenges of the new "detection and response" paradigm, an intelligence-driven SOC also needs to move beyond traditional defences, with an adaptive architecture and context-aware components. To support these required changes in information security programmes, the traditional SOC must evolve to become the intelligence-driven SOC (ISOC) with automation and orchestration of SOC processes being a key enabler.
Most attacks start by targeting end-users with malware delivered via email, URLs or malicious web sites. An emerging approach to address this risk is to remotely present the browser session from a "browser server" (typically Linux based) running on-premises or delivered as a cloud-based service.
Deception technologies are defined by the use of deceits and/or tricks designed to thwart, or throw off, an attacker's cognitive processes, disrupt an attacker's automation tools, delay an attacker's activities or disrupt breach progression.
Pervasive Trust Services
As enterprise security departments are asked to extend their protection capabilities to operational technology and the Internet of Things, new security models must emerge to provision and manage trust at scale.
Employees pose significant risk to company cyber security
Staff are a significant risk to their employer's cyber security according to new research by specialist global executive search and interim management company Norrie Johnston Recruitment (NJR).
The research shows that 23 per cent of employees use the same password for different work applications and 17 per cent write down their passwords, 16 per cent work while connected to public wi-fi networks and 15 per cent access social media sites on their work PCs.
Such bad habits and a lack of awareness about security mean that employees are inadvertently leaving companies' cyber doors wide open to attack.
Graham Oates, chief executive of Norrie Johnston Recruitment, commented: "It appears that people are bombarded by potential cyber threats in their private lives and are quite savvy about how to avoid them. Yet when it comes to a work situation they don't realise that they still need to be security aware. As a result, they are making their employers vulnerable to attack."
In other news:
– Happiest Minds Technologies has launched its Cyber Risk Protection Platform, which ‘represents a leap forward in helping organisations continue to be competitive in today’s digital world, yet stay within acceptable levels of cyber risk’.
– Nearly half (47%) of consumers would welcome the chance to use a ‘bank-style’ account, which would enable them to make and receive online payments but would not offer an overdraft facility, new research from Fintech company Pockit shows.