Your security team just identified a breach. Time to hit the fire alarm and launch your incident response plan. You do have one, right?
Digging out threats is a top priority among security pros and the sources of threat intelligence are ever expanding. Figuring out which approach is the right one for your organization will involve a number of stakeholders.
SASE — pronounced “sassy” — is a type of architecture that protects your data in the cloud and is built on multiple, existing technologies. SASE, or Secure Access Service Edge, sits in the cloud and includes cloud access security broker, DNS-layer security, secure web gateway, zero trust network access, software-defined WANs, and a firewall-as-a-service with intrusion protection system software.
With the mad rush of CISOs and CIOs to implement a digital transformation of companies as workers were forced to work from home, security teams are now facing a monumental problem. How do you backfill your due diligence and ensure your cloud and remote workers’ networks are safe and secure months after fast-tracking the transfer of computing and storage resources to the cloud, fog and employees’ homes?
Cyberthieves need a solid business model to stay profitable. Unfortunately, they seem to have found one that can be as deadly to computing assets as COVID-19 is to people: Ransomware. It’s the plague that keeps on taking corporate funds and assets. The reason why that plague can’t be stopped is that users keep clicking on infected emails and masks provide no protection.
We talk a lot about how passwords are obsolete, easy to breach, and generally just an old technology that should be replaced. Yet many companies are hesitant to engage in emerging identity management technology because of the costs, the complexity of replacing one identity access management approach with another, and the challenge of layering on new IAM without breaking existing identity products — the management can be a monumental challenge. Today’s users might be local or remote using a variety of devices, they might be connecting to the corporate network or the cloud, and in some cases, the “user” is an automated system or service account that has a minimal amount of actual human interaction. The assets connecting to the network can be physical or virtual, and in some cases might exist only for a very short time before being decommissioned. In short, this is not the identity management environment of just a couple of years ago.
We talk a lot about finding ways to defend our networks from attacks. One of the most effective defenses against cyberattacks is the same used against physical attacks: Don’t be there.
The COVID-19 pandemic caused a sea change in how businesses operate. What had been a 90%/10% office to work-from-home employment model was flipped on its head early in 2020, causing companies to scramble to put in place a new business continuity model.
The widespread and rippling effects of COVID-19 have impacted organizations worldwide. As we plan for getting back to business, we know that business is going to look different. From the perspective of the security operations center (SOC), we are entering largely uncharted territories that come with an outsize burden on security teams. Challenges come from the new borderless network with its inherent risks, increased employee burnout coupled with the ever-present staff shortages, and an uncertain economic outlook forcing teams to “do more with less.”
Connecting outsiders to a corporate network today is more problematic than ever, and it’s more than just employees working from home. Consumer-to-business accounts, such as customers logging in to make a purchase or reviewing their medical charts, or business-to-business portals in order to collaborate and service accounts, are being stressed at a much greater level today. We've all seen the chaos that can occur when companies that manage millions of user accounts, such as an entertainment channel, are breached and private data revealed. Today identity management is more important than ever, relying on adaptive access control, customer lifecycle management, market segmentation and privacy.
In the "good old days of computing," if you wanted a new server you needed to requisition and purchase the hardware, software and services; convince the IT department to install and configure it as a computing or storage device; and then you'd have a physical box for your needs - assuming there was space in the server cabinet or in the raised-floor server room. As part of the IT department's asset management program, the physical box would be counted and managed by IT pros. Today many companies and departments are using cloud-based resources that can be created and destroyed with a few keystrokes - and often the IT teams might not even know of the asset's existence. There could be no records of the new resources and perhaps insufficient data security, if any. This eBook looks at the challenge CISOs and the security teams face in identifying cloud-based assets, determining what content lives there and arranging for appropriate security. We'll address what constitutes a cloud asset, how companies can manage them, and why this is a mission-critical task to the enterprise.
When one thinks of the word “defense,” an image of something stopping an intruder often comes to mind. But what if your defenses became proactive and went on the offensive? That’s the idea behind such security strategies as red and blue teams, threat sharing, and the use of artificial intelligence to build smarter threat intelligence defenses. Rather than waiting for the attackers, some CISOs are hacking their own and their partners’ applications, making sure that there are no Zero Days being introduced into their networks. Companies also are being more aggressive about ensuring their supply chains are safe and using threat intelligence to reduce the number of known attack vulnerabilities. What are you doing to protect your network in advance, and how do you sell these proactive programs to your C-Suite? SC Media explores the possibilities.
You can’t protect your most important assets when you don’t have full visibility into your network. IoT devices are no exception. The next generation of enterprise IoT is becoming more than a group of devices and has morphed into mission-critical, enterprise-wide services that leverage edge-computing and modern hybrid architectures.
As companies move more users to the cloud because of COVID-19 and an increase in remote staff, privileged access to cloud assets has never been more important. Bad actors know this and are doing their best to access employees’ cloud resources. The CISO’s job is to ensure that only authorized users have access, so that means authenticating devices that the company might not own.
When it comes to data security, one of the most crucial factors is knowing who your users are and ensuring that only authorized users can access your data and your applications. In fact, it goes deeper than that; you need to make sure that an authorized user is allowed to get access to the specific data they’re seeking. It’s one thing to manage identity and access management when everything resides on your own servers, but when you move everything to the cloud, identity management becomes that much more complex.