Earlier this week, we announced the launch of our Cyber Security Innovation Programme in the UK. As part of this programme, we explore and test the evolving technology landscape, and examine how a multitude of new solutions can help organisations create resilient cyber architectures.
We do this by working in partnership with our customers to provide the right capabilities that can predict, protect, detect and respond to threats now and in the future. As described in my earlier post, technology innovation should be at the heart of this as the cybersecurity industry attempts to keep pace with data-hungry cyber criminals.
One technology innovation where organisations can drive value is risk-based security modelling. A growing number of information security professionals are already using these solutions to help them make sense of increasing volumes of diverse data.
These solutions, which incorporate data collection and network mapping, help organisations integrate existing protection technologies. This reduces security management costs and increases a company’s ability to identify and eliminate risks before they can be exploited.
The value in risk-based security solutions lies in their modelling and simulation capabilities. Taking data from every network device, they evaluate the security gaps that are created by the intersection of network topology, security controls, and infrastructure vulnerabilities. The solutions can then run attack simulations against different scenarios, checking every possible route and type of attack vector to evaluate where an organisation may be at risk. This approach is a considerable investment as it requires business process and change integration to ensure the biggest return.
In comparison, some traditional security measures are inward looking – focusing on maintaining an increasingly complex technology infrastructure until the need arises to counter the latest threat. This reactive culture needs to change and organisations should seek ways to strategically get ahead of cyberattacks. By establishing a granular, real-time understanding of attackers – including their motivations, tactics and tools – businesses can make sense of the mass of information security and risk management solutions on offer.
We have developed a series of free whitepapers to guide businesses through the latest in cybersecurity innovations. Download them here.