The complexity and scope of the threat landscape, coupled with an acute shortage of security skills, is driving organizations of all sizes to increase their reliance on managed security services. The shift will require both parties to sharpen their skills: Security organizations will need to become more adept in contract management and division of labor, while managed security service providers (MSSPs) must scale and customize their offerings.
Cybersecurity & Networking
-
-
Research Objectives
Cyber-threat intelligence (CTI) is analyzed information about cyber-threats that helps inform security decision making. Although security professionals recognize the value of cyber-threat intelligence, many organizations still consume it on a superficial basis. Rather than collect, process, analyze, and disseminate cyber-threat intelligence to internal stakeholders, they simply look to cyber-threat intelligence for indicators of compromise (IoCs) like malicious IP addresses, web domains, and files that could be blocked by firewalls, email gateways, and endpoint security tools. Unfortunately, an IoC-based approach to CTI is extremely limited as adversaries can easily change IoCs, thus circumventing security controls, signatures, and blocking rules. Recognizing these limitations, most organizations have established CTI teams to gain a better understanding of the cyber-threats, adversaries, and attacks with the potential to disrupt business operations or steal sensitive data. This is the right decision, but establishing a productive CTI program isn’t easy. CTI program success depends upon a lifecycle approach spanning five phases:
1. Planning and direction.
2. CTI collection.
3. Processing.
4. Analysis and production.
5. Dissemination and feedback.
Mature CTI programs formalize this lifecycle approach, gain a thorough understanding of adversary behavior, and respond with appropriate countermeasures. Immature CTI programs are fraught with waste, overhead, and constant questioning of program results and value. Are organizations establishing mature CTI programs? What are the key success factors? In order to gain insights into these trends, TechTarget’s Enterprise Strategy Group surveyed 380 cybersecurity professionals at organizations in North America (US and Canada) with knowledge of and participation in their organization’s CTI programs.
(more…) -
Research Objectives
Determine the current state of cyber-threat intelligence (CTI) programs. Identify the stakeholders using cyber-threat intelligence and for what purposes. Highlight CTI program challenges and strategic plans. Determine the behavior and use cases of mature CTI programs.
-
On International Women’s Day, I’m proud to celebrate nearly one year of our Women in Cybersecurity series. We launched the series to connect women in the industry and to spotlight their stories with hopes to increase representation in the field. It’s been a great year of interviews with security experts and leaders, including company founders, CEOs, researchers, and CISOs, sharing their stories, tips, and resources. If you haven’t already, I hope you check out the series as every episode is informative and inspiring. My hope was to make the content available in anyone’s preferred format; you can read the blog posts, watch the short videos for highlights, and listen to the full audio recordings of the interviews, and I hope you have as much fun hearing these stories as we had doing these shows! Don’t forget to subscribe so you never miss a show since there is much more to come!
Here are some of my personal experiences along with key takeaways and highlights from the shows.
-
This episode of Women in Cybersecurity features the amazing Tanya Janca, founder and CEO of the We Hack Purple Community author of Alice and Bob Learn Application Security. Tanya is a powerhouse in the application security community, so I was thrilled to talk to her about her passion for sharing knowledge and techniques to advance our field.
-
New tools are proliferating to secure data wherever it lives. Six data security trends—ranging from AI washing to new data security platforms—are in the forefront for 2023. -
Identity’s place in the attack chain is driving the shift of identity responsibility from IT operations teams to security teams to look into passwordless, digital IDs, platforms, and more.
-
Encryption is a foundational element of cybersecurity. Organizations should implement encryption to counter the ever-growing threat of data breaches.
(more…) -
Edge computing is now a top IT priority in organizations as they look to gain real-time business insights from data. Ideally, they’re able to achieve that while minimizing the IT infrastructure deployed at edge locations. But our research shows that the number of applications run at a location can have a big impact on the required IT resources. The amount of time data is retained there is another key factor to consider in planning edge deployments.
-
Organizations increasingly are deploying edge applications to gain business insights from data as it’s generated. But our research shows that they face various challenges: security issues, high infrastructure costs, a lack of skills, management complexity, and more. Being aware of the biggest application challenges and ways to address them before starting a deployment is crucial to ensuring that edge initiatives deliver the expected business value.
-
Strong network connectivity is needed in edge computing environments to extract business value from edge applications. 5G technology could be key to that, and the research shows that most organizations are bullish about using it at the edge. Adoption of both public and private 5G is expected to increase as a result, but organizations should watch deployments closely to make sure the technology is appropriate for their edge use cases.
-
As organizations modernize their software development processes leveraging cloud services for faster, more efficient software application delivery, cybersecurity teams are investing in developer-focused security tools to keep up. ESG research shows organizations have experienced a range of security incidents, many caused by preventable coding mistakes. This puts pressure on security teams to incorporate security into development to fix coding issues before the applications are deployed and to enable efficient remediation to prevent security incidents.
On International Women’s Day, I’m proud to celebrate nearly one year of our 
New tools are proliferating to secure data wherever it lives. Six data security trends—ranging from AI washing to new data security platforms—are in the forefront for 2023.
Identity’s place in the attack chain is driving the shift of identity responsibility from IT operations teams to security teams to look into passwordless, digital IDs, platforms, and more.
Encryption is a foundational element of cybersecurity. Organizations should implement encryption to counter the ever-growing threat of data breaches.