Data breaches, ransomware and other types of cyber attacks are increasingly common, making security a hot topic. As cyber attackers find different ways to invade and disrupt businesses, and as mobile, cloud, and IoT expand enterprise networks and add endpoints, security becomes critical. According to Gartner, security teams should always be vigilant, and they should also be aware of new technologies that help protect their enterprise from geographical attacks.

“In 2017, threats to enterprise IT remain at a very high level, with numerous data breaches and attacks reported in the media every day. As attackers improve their attack capabilities, businesses must also improve their ability to protect access and prevent attacks. Security and risk leaders must evaluate and use the latest technologies to defend against advanced attacks, better transform digital businesses and embrace new computing approaches such as cloud computing, mobile and DevOps,” said Neil MacDonald, Gartner Vice President, Distinguished Analyst and Gartner Honorary Fellow.

Here are the top techniques that can help companies protect their data and information:

1. Cloud computing workload protection platform

Currently, enterprises have different types of workloads, infrastructure, and locations, including physical/virtual machines and containers, in addition to public/private clouds. A cloud computing workload protection platform allows enterprises to manage their various workloads, infrastructures, and locations from a single administrative console, so they can also deploy common security policies across all locations.

2. Cloud Access Security Broker (CASB)

Many enterprises use multiple cloud services and applications. Monitoring all of them from a single CASB lets enterprises effectively enforce security policies, address cloud service risks, and ensure compliance across all cloud services (public and private).

3. Managed Detection and Response (MDR)

MDR services are usually considered when an enterprise does not have the resources or personnel to continuously monitor threats. These service providers enable enterprises to improve their threat detection and incident response through continuous monitoring capabilities.

4. Microsegmentation

This enables the enterprise to separate and isolate applications and workloads in the virtual data center, using a virtualized, software-only security model to assign finely tuned security policies to each segment and even to each workload.

5. Container security solution

A container is a stand-alone executable package of software that contains everything needed to run it, including code, runtime, settings, system tools, and system libraries. Containers typically share an operating system, and any attack on the operating system can cause all containers to become infected. Container security solutions enable scanning prior to container creation, and in addition to providing protection, they also monitor containers at runtime.

6. Deception techniques

Sometimes malicious activity can penetrate the enterprise network without being detected by the other types of network defense systems the enterprise has deployed. In this case, deception techniques can provide insight that can be used to find and detect such activity. Deception also takes an active security posture, defeating attackers by tricking them. The deception technology solutions available today cover multiple layers within the enterprise stack, spanning networks, data, applications, and endpoints.

7. Software-Defined Perimeter (SDP)

With different systems and participants connected through the same enterprise network, an SDP allows the enterprise to define who needs to know what, thereby effectively removing sensitive information from the public eye. This helps reduce the attack surface by checking the identity and status of a device before allowing it to access the application infrastructure.

8. Remote browser

A remote browser provides a remote virtual environment in which a web browser can be opened. Because that environment is not connected to the enterprise network, browser-based malware cannot penetrate the enterprise network to steal data.

9. Endpoint Detection and Response (EDR)

These security solutions monitor all endpoints for any abnormal or malicious behavior. EDR focuses on detecting and subsequently investigating abnormal activity and, if threats are found, remediating and mitigating them. According to Gartner, 80 percent of large enterprises, 25 percent of medium-sized enterprises and 10 percent of small enterprises worldwide will utilize EDR capabilities by 2020.

10. Network Traffic Analysis (NTA)

These security solutions monitor network traffic, connections, and objects to see if there are any suspected threats or malicious content. When malicious content is found, it is quarantined for further action.


Author: Anonymous

Source: 51 cto