What are best practices for a modern threat management strategy?
Infosec pros need to mitigate traditional cyberthreats, as well as anticipate sophisticated, emerging threats. Learn how to build a threat management strategy that helps with both.
For most enterprise businesses, an effective modern threat management strategy requires a two-pronged approach. Security professionals must protect against traditional threats, while also keeping an eye on future threats and vulnerabilities that may not yet have emerged.
From a traditional threat perspective, the need to satisfy regulatory and compliance requirements is a top priority for security teams. Many compliance policies specifically target the protection of sensitive data and threats from external sources. Thus, integrating a threat management strategy to mitigate the risk of data corruption or theft will be of utmost importance. Developing and enforcing a strategy around compliance is straightforward in most cases. This is made possible by the number of third-party companies with services that are exclusively designed to help businesses achieve the proper level of compliance, usually based on one or more data protection management frameworks.
Security teams would be wise to look beyond known threats addressed in traditional threat management strategies and start to plan for the security risks of the future. This process can be a major challenge for security teams. After all, it is far more difficult to create a strategy against unknown, imagined threats than the kind they deal with every day.
Emerging threats can take one of two forms: Either 1) the threat is a new way to exploit a currently implemented technology, or 2) the threat targets newly deployed software, hardware or architectures. A threat against an IoT device is one example of the latter form of emerging threat. Other emerging threat technologies include public clouds, AI and mobile device usage.
To create an effective threat management strategy, security teams must include protections for both traditional and emerging threats. However, many conclude that too much time and effort are required to manage all threats using a host of disparate IT security tools. In response, many look to unified threat management (UTM) platforms. While a UTM system cannot protect against every threat, it does consolidate several security tools into a single-pane-of-glass product. This includes virus and malware protection, web or content filtering, and email protection.