As artificial intelligence (AI) advances, I am seeing a lot of discussion on LinkedIn and in the online media about the advantages it may bring for either the threat actors (“batten down the hatches, we are all doomed”) or the security defence teams (“it’s OK, relax, AI has you covered”).
Insider risks are threats that already have access to an organization’s sensitive information. They are people who have physical access to the organization’s buildings and credentials to sign-on to the network. But maybe more importantly, they’re familiar with the organization’s processes, they speak the company lingo, and they know where the important assets reside.
Over the last few years many organizations have already introduced a zero trust network access (ZTNA) solution, and are seeing the benefits from it. But many others have been put off by the work needed to transition to a zero trust-based access model and the associated technical integration work.
Starting off a new year often comes with a re-energized sense of taking stock of big changes you want to make and how you want to accomplish them. And, as we come off of “prediction season”, there’s also a sense of the hot topics and challenges that are already on the horizon for the security community.
I am often struck by the similarities in the skill set required for both parenting and cybersecurity. With children—as with employees—it is much easier to keep everyone safe if you have a little bit of visibility into what’s actually going on. The hardest child to parent effectively is one who shuts themselves away in their bedroom, operating in isolation and giving no clues as to the risks they may be exposing themselves to.
Organizations seeking cyber insurance coverage are typically required by their insurer to provide evidence of a panoply of controls around information security, disaster recovery, and related risk and technology requirements and best practices.
In the first part of this blog series, I took a look at how an understanding of digital strategy and digital risk is key to starting a security transformation journey. And in the second, I dug further into how a secure access service edge (SASE) architecture with security service edge (SSE) capabilities and zero trust principles can help mitigate the types of digital risk. In this final part, I will outline a few key use cases to show all of these elements in action.
Cyber incidents are becoming increasingly common and disruptive–whether it’s ransomware, data breaches, or leaks. The number of compelling events in the last few months in Australia have shown us the implications for businesses, and their customers, when a breach occurs.
Consolidating vendors has always been on the mind of digital leaders, but the current economic climate has elevated this topic, with a recent Gartner survey claiming that 75% of organisations are currently pursuing security vendor consolidation projects, up from 29% in 2020.
Two weeks ago, I had the opportunity to attend and speak at the H-ISAC fall summit here in Phoenix. As always, this conference is a great opportunity to meet back up with customers and friends from all around the Healthcare sector. This leads to illuminating conversations that really give me a higher definition picture of what is happening in the trenches and helps me better understand how the work we’re doing here at Netskope can help.
