Pakhnyushchyy - Fotolia
The number of threats a business must protect against continues to grow at an alarming rate. This may leave some security professionals feeling overwhelmed in their efforts to keep up. Fortunately, security technology is evolving as well. Technical advances are made with security teams in mind, making it easier to mitigate the growing number of traditional and emerging threats.
Enterprises' IT security threat management processes must better incorporate these time-saving technologies. Below are three shifts in security technologies that are changing IT security threat management in the enterprise.
Consolidate IT threat management with UTM
Security tools, including unified threat management (UTM) platforms, consolidate virus/malware prevention and web/content filtering, as well as protections against the latest email threats, in a single platform. A UTM approach reduces security tool management overhead and helps when threat information is shared across multiple tools. When threats can be identified through multiple methods, false positives are greatly reduced.
Use of AI and automation
AI is also advancing in many modern security tools. Consider automated penetration testing (pen testing) tools that utilize AI, for example. They incorporate tests for emerging threats and, in the process, change how pen tests are performed. In the past, traditional practices involved performing largely manual pen tests on an annual or semiannual basis. New automated pen tests can be run at a much higher frequency -- or even continuously. Thus, the use of AI and automation in threat management processes not only saves time, but it increases the chances of identifying security gaps before they can be exploited.
Utilize external threat intelligence services
Lastly, IT security threat management processes are shifting to help rapidly identify and protect against new and emerging threats. The use of external threat intelligence services is a low-cost way to offload the time-consuming task of zero-day exploit identification and remediation.Many organizations find it more convenient to designate a threat intelligence service to do the research and policy creation for them. Those policies can then be automatically and immediately pushed onto client network security tools for rapid enforcement -- with little human intervention required.
Dig Deeper on Security analytics and automation
Related Q&A from Andrew Froehlich
SASE and NaaS are network models with different goals. SASE combines SD-WAN with cloud-based security, while NaaS lets businesses outsource network ... Continue Reading
Prevention is the only line of defense against an extortionware attack. Learn how extortionware works and why it can be more damaging than ransomware. Continue Reading
SMS is being supplanted by RCS to let carriers compete against WhatsApp and Messenger and open new avenues to business messaging. Learn the ... Continue Reading