In my last post, I explained the need for businesses to be consciously aware and how we are now seeing innovation technologies get their heads around the fact that protection is the first step in risk management.
If we take a look at the innovation in cyber security, there are some interesting areas that are emerging to protect businesses. These are:
Isolation works by separating services on a dedicated platform that is designed for security and scale. By isolating and reformatting content, threats are removed while the business is isolated from the attacks against typically applications or web sessions. The malware or threat is simply contained in the Isolation Platform.
Virtualisation is now part of most organisations’ risk management strategy and is being used to execute potentially harmful content regardless of where it is initiated (web, email). For businesses, virtualisation reduces costs but, more importantly, scales and separates the actual target system. It is becoming a critical component of the cyber defences of most organisations either in sandboxes or isolation platforms or as part of software defined security for the software defined data centre.
Cloud like virtualisation is now part and parcel of day to day business. The cloud in its many forms are now being used to provide protection and scale to business defences. Again, protection before it impacts the business has to be the driver for cybersecurity now. Furthermore, being able to deliver this across the partner ecosystem is essential. The cloud is one way to enable this but, in reality, it is simply a computer somewhere else and requires the same levels of security and risk management as your enterprise.
Analytics and machine learning have made huge advances in the past year and now form part of not only emerging technologies but also advanced MSSP (Managed Security Services Provider) services. The combination of increased data and advanced algorithms have benefited this area of research considerably. Some of the innovation has been around User Behaviour Analytics, trying to identify unusual behaviour that could indicate a compromise but this requires organisations to define in effect what is normal or for the machine to define this – not an easy task for most businesses. Trying to detect unusual behaviour will also require the necessary processes and procedures to act to prevent a breach – something that as an industry we have stayed away from. But we are clearly seeing huge strides in leveraging data and machines to remove the haystack from the needles.
What constitutes a platform will depend on which vendor you speak to but the principle is right. For too long, we have created a complex environment of security technologies that are independently managed and configured and are not connected or co-ordinated. The platform in theory resolves this issue. It is much more than a UTM (Unified Threat Management) and once again the cloud forms a core part of the connectivity and update component.
Along with the platform comes the notion of collaboration between disparate businesses that have implemented the same suite of technologies as well as between service providers. The realisation that we have to share intelligence across industries and governments is also now taking hold and emerging standards of information and intelligence sharing are driving this forward.
Finally, with many businesses looking to adopt innovation technologies, it’s important to note that security must be embedded into the business from the beginning – not seen as an afterthought and bolted on. Only then can businesses be better prepared for a cyber attack, and see value in their investments.