Analysts explore the topic during the Gartner Security and Risk Management Conference 2019, which takes place on August 13 and 14, in São Paulo


Recent research by Gartner, the world leader in research and advisory services for companies, has shown that the accelerated growth of organizations, with the adoption of new online sales platforms, cloud applications and decentralized IT infrastructures, has confronted security and risk management leaders with new cybersecurity needs. In this context, Chief Information Security Officers (CISOs) face an increasingly complex reality, in which threat management must adapt to the continuous demand for business evolution.
 
"Security and risk management leaders are constantly bombarded with the maintenance of existing security measures and with the presentation of new demands and projects," says Brian Reed, Senior Analyst at Gartner. "As a priority for new security projects, focus on initiatives that can generate a high degree of business impact and that have the ability to reduce a large amount of risk."
 
To support this journey, Gartner identified the top 10 priorities for new security projects in organizations that have already adopted all basic security measures.
 
Project 1: Privileged Access Management (PAM) - Privileged accounts (administrative accounts with extensive control rights) are attractive targets for attackers. A Privileged Access Management project will highlight the controls that must be applied to protect these accounts, prioritized through a risk-based approach. PAM projects must cover both human and non-human (system) accounts and support on-premises, cloud-based and hybrid environments, as well as APIs for automation.
 
Project 2: Risk-based vulnerability management (CARTA - Continuous Adaptive Risk and Trust Management) - Security teams cannot deal with the sheer number of vulnerabilities and cannot fix everything. Leaders should therefore adopt an "adaptive and continuous security" approach (CARTA): adaptable, everywhere, all the time. This requires Chief Information Security Officers (CISOs) to establish the business value of IT assets, as agreed with business stakeholders, together with the risks associated with them, so that remediation effort is focused on the assets that matter most. In addition, organizations must understand their network topology and any changes to the IT infrastructure.
 
Project 3: Detection and response - Perfect protection does not exist, so CISOs should consider detection and response projects. Ask a few questions: How is data collected and stored to support detection and response capabilities? Does the technology offer a wide range of detection and response capabilities, including the ability to use indicators of compromise? If the organization already has an endpoint protection platform, consider that platform as an option for providing detection and response. For a managed security services approach, consider a project that feeds data to a managed provider. Be sure to thoroughly test any vendor that claims to have Artificial Intelligence (AI) or Machine Learning capabilities.
 
Project 4: Cloud Access Security Broker (CASB) - Cloud Access Security Brokers provide a control point for visibility and management in organizations that have adopted multiple Software as a Service (SaaS) applications. Gartner indicates that companies should justify this type of project by starting with the discovery of cloud applications in use across the IT infrastructure. It is necessary to assess whether the organization has control and visibility over sensitive data used and shared by SaaS applications. Another point is to determine what level of visibility and control is required for each cloud-based service. Opt for short-term contracts focused on the discovery and protection of confidential data.
 
Project 5: Cloud Security Posture Management (CSPM) - Although cloud services offer high levels of automation and self-service to users, almost all cloud attacks are the result of configuration errors, management errors and customer errors. It is therefore important to consider Security Posture Management processes and tools to mitigate the risks of applications hosted in cloud environments. If the company uses only one infrastructure-as-a-service platform, it is necessary to verify that this provider offers CSPM options. Otherwise, check whether the provider supports the various cloud applications the company is using. Cloud-based CSPM options will be able to make automated changes based on assessment findings, but if the company is already using a CASB, the market leaders will already have well-developed CSPM options.
 
Project 6: Business Email Compromise - A business email compromise project can help security and risk management leaders deal with phishing attacks and poorly defined business processes. These projects focus on technical controls as well as on failures in specific organizational processes. Customizable Machine Learning options can be integrated with today's email security systems, and security and risk management leaders can look for specialized email security vendors that offer such controls and integrate the project with security awareness training and other endpoint security protections.
 
Project 7: Dark data discovery - Before embarking on data center consolidation or migration to cloud environments, leaders must begin discovering dark data: data that offers low value and carries unknown risk. Reducing the footprint of data unknown to the organization not only reduces security risk, but also reduces exposure to sanctions imposed by data protection regulations. Gartner advises leaders to evaluate data residing in specific silos (for example, file shares, databases, Big Data and cloud repositories). It also recommends that companies focus on vendors with broad data repository support covering all systems where confidential data is stored.
 
Project 8: Security Incident Response - Security incidents require planning, preparation and an adequate response. This project can focus on updating existing plans or completely reshaping the response to each type of event. Organizations should assess their current level of response and at which points the action plan could be improved. Consider an incident response retainer from a provider that offers the flexibility needed to handle both proactive and reactive tasks.
 
Project 9: Container Security improvements - Developers are increasingly using Linux containers to accelerate digital business through faster application development. Each of these containers, however, must be examined for vulnerabilities and problems before being put into production. Container security must integrate with common development tools and the operations pipeline and expose comprehensive APIs to support a variety of security tools. Gartner assesses that one way forward is to start by scanning for known vulnerabilities and configuration problems and then extend that strategy to production and runtime. The most advanced solutions can create a detailed "bill of materials" for each container and compare it with what is actually used at runtime to recommend where libraries and code can be removed.
 
Project 10: Security Rating Services (SRS) - As digital ecosystems grow in complexity, so do security risks. In addition to internal security and risk, leaders should consider suppliers, regulators, customers, business partners and platforms. Take advantage of security rating services to obtain continuous, independent, real-time, low-cost scores for your overall digital ecosystem. These should only be used as a complement, since they do not provide a complete picture, but they are an important innovation. Assess multiple vendors against your requirements and ensure that security rating services are used as part of the selection criteria.
 
The complete research on these and other topics will be presented during the Gartner Security and Risk Management Conference 2019, which takes place on August 13 and 14, in São Paulo. Considered one of the main corporate meetings in Latin America, the event will bring together analysts and market experts to present the digital security landscape and how leaders can advance their risk management and protection strategies.
 
ABES institutionally supports the event, and members receive a discount of R$ 550.00 on the registration fee by using the promotional code BRSABS on the event website: http://www.gartner.com/pt-br/conferences/la/security-risk-management-brazil.
