Encryption is a foundational element of cybersecurity. Organizations should implement encryption to counter the ever-growing threat of data breaches.
(more…)
Cybersecurity & Networking
-
-
Edge computing is now a top IT priority in organizations as they look to gain real-time business insights from data. Ideally, they’re able to achieve that while minimizing the IT infrastructure deployed at edge locations. But our research shows that the number of applications run at a location can have a big impact on the required IT resources. The amount of time data is retained there is another key factor to consider in planning edge deployments.
-
Organizations increasingly are deploying edge applications to gain business insights from data as it’s generated. But our research shows that they face various challenges: security issues, high infrastructure costs, a lack of skills, management complexity, and more. Being aware of the biggest application challenges and ways to address them before starting a deployment is crucial to ensuring that edge initiatives deliver the expected business value.
-
Strong network connectivity is needed in edge computing environments to extract business value from edge applications. 5G technology could be key to that, and the research shows that most organizations are bullish about using it at the edge. Adoption of both public and private 5G is expected to increase as a result, but organizations should watch deployments closely to make sure the technology is appropriate for their edge use cases.
-
As organizations modernize their software development processes leveraging cloud services for faster, more efficient software application delivery, cybersecurity teams are investing in developer-focused security tools to keep up. ESG research shows organizations have experienced a range of security incidents, many caused by preventable coding mistakes. This puts pressure on security teams to incorporate security into development to fix coding issues before the applications are deployed and to enable efficient remediation to prevent security incidents.
-
As organizations move to cloud-native application development to meet business demands with greater productivity and innovation, security teams need to adapt their application security strategies to support modern development processes. Developers’ increased usage of infrastructure-as-code (IaC) to provision their own cloud infrastructure and the availability of open source software (OSS) enable them to efficiently build, release, and update their software. Security teams need to ensure that they have the right security processes and controls in place to support these key components of cloud-native software and to effectively manage risk as development scales.
-
Challenged by ransomware and other password-related breaches and attacks, organizations are taking action to strengthen their authentication processes by deploying multifactor authentication (MFA). Like passwords, MFA is susceptible to attack, and doesn’t completely address the authentication problem. Passwordless authentication methods can protect against phishing and other attacks. To increase security and gain additional benefits, such as a better user experience and improved efficiency of IT and security teams, organizations need to operationalize strong authentication, making MFA or passwordless authentication mandatory.
-
Managing and securing the identities of an organization to increase security can be a challenge, and it is getting more challenging with the increased need for anywhere, anytime access to both cloud and in-house resources. Organizations are leveraging third parties and commercial solutions, including privileged access management (PAM) and identity governance and administration (IGA) to secure identities in their IT environment.
Already an Enterprise Strategy Group client? Log in to read the full report.
If you are not yet a Subscription Client but would like to learn more about accessing this report, please contact us.
-
As business activity shifts online, with a hybrid workforce, many activities are conducted over the network rather than in person, exposing an organization to fraud and attacks by nefarious individuals or groups or through identity theft. Organizations are increasingly protecting themselves from the uncertainty of working entirely online by using services to help screen their employees, contractors, and customers to prove they are who they say they are.
-
Building an in-house system to manage customer and third-party usernames and passwords may seem straightforward, but in practice may be an unexpectedly difficult task fraught with security risks. As a result, organizations are increasingly turning to customer identity and access management (CIAM) solutions to help increase performance and scalability with less effort and expense. While enterprises are turning to commercial CIAM solutions, IT and cybersecurity leaders are facing issues as they evaluate their CIAM options.
-
Security teams are challenged by the speed of modern software development processes. See data behind the movement to shift security left in an effort to increase security (without slowing down development) with this infographic, Walking the Line: GitOps and Shift Left Security.
-
Research Objectives
As organizations adopt modern software development processes, developers are empowered to quickly develop and release their applications by deploying them to the cloud. Security teams are challenged keeping up with the growth and speed of continuous integration/continuous deployment (CI/CD) cycles and their dynamic components.
While the industry has been talking about shifting security left to help security scale with rapid development, organizations have faced challenges putting that into practice. Most cloud-native security incidents are caused by misconfigurations, putting pressure on security teams to find ways to incorporate security into development so coding issues are caught and fixed before deployment. Organizations also need to focus on better ways to work with developers for rapid remediation of any detected security issues.
In order to gain insights into these trends, ESG surveyed 350 IT (30%) and cybersecurity (40%) decision makers, as well as application developers (30%), responsible for evaluating, purchasing, and utilizing developer-focused security products at midmarket (100 to 999 employees) and enterprise (1,000 or more employees) organizations in North America (US and Canada).