With growing agreement that the traditional enterprise security perimeter and architecture are dead, a new array of security and risk management technologies has recently emerged, which is applicable to secring the modern enterprise
The rapid pace of digital transformation, cloud migration, and staff distribution means that standard security controls do not work as they used to anymore.
Most businesses have reported experiencing security issues while trying to adapt to the rapid technological changes of the past two years. A recent report by Forrester, commissioned by cyber vendor Tenable, found that 74% of companies attribute recent cyberattacks to vulnerabilities in technology that have emerged during the pandemic.
The adoption of new technologies also offers solutions to these problems. With the global shortage of talent and online security skills, tools and automation designed for the new digital world are essential to meet the security challenge.
Also Read: Artificial intelligence: The Next Big Thing in Security
When it comes to emerging technologies for disaster prevention and management, enterprises need to shift their focus on areas such as confidential computing; decentralized identity; password-less authentication; secure access service edge (SASE); cloud infrastructure entitlement management (CIEM) etc.
Most of these technologies are designed to meet the new needs of multi-cloud and hybrid computing. This emerging technology is also in line with the security mesh architecture where security is robust, flexible, and integrated to meet the needs of digitally transformed enterprises.
Confidential computing
Data encryption opens a potential for unauthorized access or interference. There is therefore a risk of exposure for data that is in use.
Confidential computing mitigates the risk of exposure when data gets decrypted while in use. It does this by using a hardware-based enclave – or a trusted workplace – isolates and protects the data during processing.
Decentralized Identity
Ensuring privacy and compliance requires not only to control identities, but also control the data associated with those identities. Ownership and access management also faced concerns about security and accessibility in the midst of digital transformation. The use of centralized ID stores poses security and privacy risks.
Also Read: How can Organizations Successfully Prepare for a New Era of Threats
Decentralized identity provides a distributed identity model, leveraging technologies such as blockchain to distribute the storing of identities and related data across a large number of systems.
Secure Access Service Edge (SASE)
The Secure Access Service Edge (SASE) has gained significant popularity in the market because it is currently the most powerful way to improve security. The name was coined by Gartner analysts in 2019. SASE provides flexible and extended security configurations over existing network security structures, and calculates the growing number of users, devices, applications, and data available outside the business perimeter.
SASE provides flexibility “anywhere, anytime” to provide secure remote access by delivering multiple capabilities, including a secure web port to protect devices from web-based threats; cloud access security broker (CASB), which acts as a liaison between users and providers of cloud to ensure the enforcement of security policies; next-generation firewalls; and unpredictable, network access to the context – such as the identity, location, and health of the device – before granting remote access to applications.
Cloud infrastructure entitlement management (CIEM)
Management of identities and their entitlements, such as access privileges, is extremely difficult. Doing so in multi-cloud and hybrid environments can add another level of complication. Threat actors are known to exploit this weakness in order to invade and jeopardize cloud resources.
Cloud infrastructure entitlements management, or CIEM, is a tool for monitoring and managing cloud identities and permissions. This might include detection of anomalies in account entitlements such as accumulation of privileges, risky dormant accounts, and unnecessary permissions.
Over time, CIEM will likely be available as part of proprietary management and management (IGA), privileged access management (PAM), and cloud application protection protocol (CNAPP).
Technology and modern tools could be the only solution for better security, provide a better fight for the equally modern and emerging security risks.
For more such updates follow us on Google News ITsecuritywire News
