Acting practice lead, Enterprise Security Solution at Altron Systems Integration, Doctor Mafuwafuwane, shared his top four takeaways from the Cyber in the City event held November 2020.
1. Automation of policy controls
The upcoming enforcement of POPIA in South Africa is only one of the reasons why businesses need a strong handle on their data, but it has shone a light on the requirement for data privacy and created an increased sense of urgency around data controls. The automation of privacy-based policies is essential to keep control of data today, which not only needs to move around between resources, applications and systems to be valuable, but also can easily be created almost anywhere. Policy-based automation of the key data moving around systems can avoid human error and also rein in data sprawl, ensuring data always resides where it is easy to monitor. It allows organisations to have a clear picture of their data by identifying and classifying it, and then protecting it by encrypting and masking it, and ensuring users who need to access the data have an appropriate level of visibility and privilege. Existing tools such as IBM Guardium are ideal for this type of automation.
2. SASE framework
A Secure Access Service Edge (SASE) approach to security knits together and makes sense of existing technology investments in a way that effective controls and protects edge users and endpoint devices and supports a cloud migration strategy. SASE is an evolution of traditional data centre-oriented security, unifying network and security services. Its benefits include:i. Simplified management by consolidating point solutions e.g. cloud access security brokers (CASBs), firewalls, VPNs and zero-trust, into a single cloud delivery model.ii. Increased confidence thanks to the flexible consumption model scales with your business as it proceeds on its cloud journey.iii. Agility due to the enablement of remote working and mobile working across multiple devicesiv. Facilitating the migration away from capex-heavy on-premises appliances to cloud-enabled services, streamlining the network edge from a security operations point of view.
Find out more about our technology partner Cisco’s approach to SASE.
3. Business-driven security
There should be no doubt today that cyber security is a business problem, and not just an IT problem. Existing security tools and thinking are rapidly becoming obsolete as attacks increase in sophistication, we move to increased remote working, the cloud becomes more integral to business operations, and ICT environments become more complex. But at the same time, the ROI on security spend is difficult to demonstrate. C-level and board oversight of security risk and incidents is essential for compliance. And finally, gaps in digital security are a significant risk to digital transformation strategies. One strategy to facilitate business-driven security is through the evolved security information and event management (SIEM), which goes beyond compliance to empowering security teams to react to threats before they impact the business, as well as providing the right level of insight and information to various teams including the C-suite and board. Further, evolved SIEM supports proactive security with ongoing orchestration and automation.
Get our partner RSA’s take on evolved SIEM here.
4. Privileged access management (PAM)
The newer kid on the cyber security block, PAM, acknowledges that not only do not all users require equal levels of access, but that power users pose an additional cyber risk—whether by going rogue or being compromised—so need additional protection. And then, when privileged access is no longer required, have their status changed to regular users. PAM also caters for power users located outside the firewall, or off the corporate network, for instance SaaS, contractors and other partners.
A fundamental principle of PAM is that users only get access according to what they need to do their jobs. One of the most common errors that Altron Systems Integration cyber assessments highlight is too many users with privileged access that they don’t require for their roles and responsibilities, creating unnecessary risk for the organisation.
Learn more about PAM from our partner WALLIX here.https://www.cyberinthecity.co.za/the-enduring-urgency-of-cyber-security/
If you missed Cyber in the City event, you can catch up on the keynotes and panel discussions here: https://www.cyberinthecity.co.za/