2020年11月27日 星期五

資安 | Gartner top 10 security projects for 2020-2021 簡筆與摘要

 
Gartner Top 10 Security Projects @2020-2021



"If you can only do one project, focusing on securing your remote workforce and going back and looking at some of those changes we might have made earlier in the year would be a really good use of time" 
                                    — Brian Reed, senior director analyst at Gartner 

預估市場成長

Gartner expects investments in cloud access security broker (CASB) will see a 41% compound annual growth rate, followed by encryption software (24%), and threat intelligence (20%), between 2018 and 2023.


The top 10 security projects

(以下專案為獨立的,並非按照重要性排列

No. 1: Securing your remote workforce

Security teams need to know if they opened too much access for employees. 

No. 2: Risk-based vulnerability management

It's the security team's job to recommend how to prioritize patches, IT team is to apply them. 

No. 3: Extended detection and response (XDR)

XDR is a unified security and incident response platform that collects and correlates data from multiple proprietary components. It is not just SIEM and SOAR.

The platform-level integration occurs at the point of deployment rather than being added in later.

This consolidates multiple security products into one and may help provide better overall security outcomes, simplify and streamline security.

Centralization of normalized data and a centralized incident response capability.

The capabilities have to be able to "change the state of individual security products as part of the remediation process." 


No. 4: Cloud security posture management


To deliver "risk identification and alerting capabilities by reviewing different cloud audit and cloud operational events.
A CSPM platform...

No. 5: Simplify cloud access controls

CASB give companies real-time security control enforcement or enough flexibility to "start out in an API mode or a monitoring mode of operation."

No. 6: DMARC

"We use email far too often as the single or sole source of trust and verification. And it's incredibly easy to spoof," 
DMARC falls short of protecting other areas, such as "lookalike domains," but it's a "quick win,"  
Advises companies to begin in "monitor mode" and graduate to "reject" emails. 

No. 7: Passwordless authentication

Multi-factor authentication, zero factor authentication


No. 8: Data classification and protection 


Not all users and data have the same value, that' why we need it project.
Start with policies and definitions and really get the process right before we start layering in the technology.

No. 9: Workforce competencies assessment

Install the right people with the right skills in the right roles. 


No. 10: Automating security risk assessments 

Automate workflows extracting data from data sources "critical to risk assessment.

/

最近不經間看到一篇2018 年 Gartner top security projects 的分析。
基於好奇心,順手查了一下最新年度變得如何。

不意外地,看到CASB 和  threat intelligence 的預期成長都超過20%。
其中 CASB 在2014 年就出現了,雖然中間起起伏伏,不過最新趨勢看起來是成長的。


順便帶一下 2019 的 Top security projects, 長得和2020-2021 差了不少。
2020-2021 Top security projects 還存在一樣/相似概念的有 CASB和Cloud security posture management。

另外相近的還有vulnerability management、Detection and response (變成XDR)等。

Email threat 相關的,則由2019 的 BEC 變成了DMARC。老實說,DMARC 的出現還真的讓我有點驚訝,畢竟不算是新技術。

  • Privileged access management
  • CARTA-inspired vulnerability management
  • Detection and response
  • Cloud security posture management (CSPM)
  • CASB
  • Business email compromise 
  • Dark data discovery
  • Security incident response
  • Container security
  • Security ratings services



若有您轉貼需求,請來信討論。 轉貼時禁止修改內容及標題且保持所有連結。禁止商業使用,請註明原文標題、連結以及作者。

沒有留言:

張貼留言

Peggy的實驗空間| 小書庫 Index card ( 讀書筆記總目錄/書單 )

  一直很喜歡閱讀,也常從閱讀好書中與讀書會得到許多的力量與啟發,不管是在人生的低潮抑或是順遂的時候。在閱讀之路上,這幾年也保持一個習慣。當閱讀到喜歡的書籍,且那陣子時間允許,就會提醒自己閱讀完後整理出心得筆記。一方面藉機鍛鍊寫作肌肉與思路,方便之後的複習和查閱。另一方面,也可以...