Home security App - Mobile Applications protect security 8 features a cybersecurity technology platform must have

8 features a cybersecurity technology platform must have


8 features a cybersecurity technology platform must have | Information Security, latest Hacking News, Cyber Security, Network Security

Cybersecurity professionals ranked the most important attributes of a cybersecurity technology platform according to strict definitions that meet their requirements.

8 features a cybersecurity technology platform must have  - cyber security lock padlock firewall code breach password 100777447 large - 8 features a cybersecurity technology platform must have

Getty Images

try {
threshold : 0, // You can set threshold on how close to the edge ad should come before it is loaded. Default is 0 (when it is visible).
forceLoad : false, // Ad is loaded even if not visible. Default is false.
onLoad : false, // Callback function on call ad loading
onComplete : false, // Callback function when load is loaded
timeout : 1500, // Timeout ad load
debug : false, // For debug use : draw colors border depends on load status
xray : false // For debug use : display a complete page view with ad placements
}) ;
catch (exception){
console.log(“error loading lazyload_ad ” + exception);

In a blog post I wrote in August — The most important attributes of a cybersecurity platform — I listed the eight attributes that my colleague Doug Cahill and I believe are critical for a cybersecurity technology platform. The blog post also ranks the eight attributes according to a recent survey of 232 cybersecurity professionals working at enterprise organizations (i.e. those with more than 1,000 employees).

It was recently pointed out to me that while I listed the attributes, I did not define them. My apologies for the oversight, so here again is the list of attributes (along with the percentage of survey respondents that rated them as most important) along with definitions for each one.

  1. Coverage that includes major threat vectors such as email and web security (38%). Any security researcher will tell you that at least 90% of cyber attacks emanate from phishing emails, malicious attachments, or weaponized URLs. A cybersecurity platform must apply filters and monitoring to these common threat vectors for blocking and providing visibility into anomalous, suspicious, and malicious behaviors. 
  2. Central management across all products and services (33%). In this instance, central management means configuration management and policy management, along with common administration and reporting. Cybersecurity technology platform management provides an aggregated alternative to the current situation where organizations operate endpoint security management, network security management, malware sandboxing management, etc. 
  3. Capabilities across threat prevention, detection, and response (31%). CISOs want their security technologies to block the majority of attacks with detection efficacy in excess of 95%. When attacks circumvent security controls, they want their cybersecurity technology platforms to track anomalous behaviors across the kill chain (or the MITRE ATT&CK framework), provide aggregated alerts that string together all the suspicious breadcrumbs, and provide functions to terminate processes, quarantine systems, or rollback configurations to a known trusted state. 
  4. Coverage that spans endpoints, networks, servers, and cloud-based workloads (27%). This one is sort of self-explanatory. Today’s enterprises feature Balkanized endpoint, network, server, and cloud-workload protection tools don’t talk to each other. Enterprise organizations want tightly integrated tools that span their IT and work together as security force multipliers. 
  5. Cloud-based backend services — i.e. analytics, threat intelligence, signature/rules distribution, etc. (26%). Think of the cloud as the backend brains of a cybersecurity technology platform. Cloud-based services will aggregate suspicious behaviors across customers, run these behaviors through advanced and constantly improving machine learning algorithms, track the latest threat intelligence, and provide customized analytics and threat intelligence curation for specific customers, and industries, etc. In this way, all customers benefit from universal and customized services. 
  6. Openness — i.e. open APIs, developer support, ecosystem partners, etc. (22%). Even the best cybersecurity technology platforms won’t offer exhaustive security coverage. Therefore, security platforms must be fitted with APIs for third-party technology and developer support. This will also encourage the network effect where cybersecurity technology platform users share development best practices and homegrown amongst the community. 
  7. A combination of tightly coupled products and services — i.e. products and managed service options offering central command-and-control (20%).  Given the global cybersecurity skills shortage, organizations will pick and choose which security technologies they run in-house and which they outsource to managed security service providers. Leading cybersecurity technology platforms will enable seamless interoperability across any product and managed services mix. 
  8. A platform that is offered in multiple deployment options — i.e. on premises, cloud delivered, hybrid, etc. (18%). Large organizations tend to use hybrid technology deployments, running security appliances at corporate headquarters while opting for cloud-based security proxy services to support remote offices and mobile workers. Cybersecurity technology platforms will offer this hybrid support across all security controls (regardless of form factor) with a central management plane. 

While some attributes are rated higher than others, large organizations will need all eight over time. Therefore, CISOs should qualify, evaluate, and test cybersecurity technology platforms across all attributes while prioritizing those needed to address near-term requirements.

SUBSCRIBE! Get the best of CSO delivered to your email inbox.

CSO provides news, analysis and research on security and risk management

Source link

No tags for this post.


Please enter your comment!
Please enter your name here