|Home | Security | About | Contact | Links|
Thank you for stopping by. Below we list multiple things that organizations need to look at while dealing with ensuring cyber security.
Cloud based security policy enforcement that is placed between consumers and providers of cloud services. These help increase the visibility and the control as more users in an organization access cloud resources.
Context aware access controls balance the levels of trust against risk at the moment of access by a combination of dynamic risk mitigation techniques and trust elevation. Being context aware means that that access decisions are a reflection of the current conditions and access can be allowed in cases where it would normally have been blocked.
Some security attacks will bypass the traditional blocking mechanisms. In such situations it is important to detect the breach as soon as possible to minimise damage or loss of sensitive data.
Endpoint detection and response satisfies the need for continuous protection from threats at various endpoints like servers, latops, desktops etc. Tools record multiple endpoint and network events, and then save this data in a centralized db. Tasks are then constantly searched from the db and used to improve the security by deflecting common attacks and by providing early identification of attacks.
Domain specific embedded analytics will be a core part of all security systems. While this will generate a great volume of data, there is a prediction by Garner that 40% of all organizations will by the year 2020 have established a "security data warehouse", where they will store this data for analysis.
Integration with external feeds will be important for all security platforms. Reputation services provide trust metrics for how much trust based on users IPs and URLS and will help greatly when making decisions concerning end user access
One of the important strategies is to treat unknown entities as untrusted and to ensure they are isolated such that they cannot cause damange to the systems. Vitrualization will become a common theme for organizations in the near future.
Software will be more widely used to define security in organizations, allowing easier customization based on organizational needs.
Static and Dynamic application security techniques will increase accuracy of security testing.