Security threats continue to be more sophisticated and advanced with each day, with the majority often going completely undetected. Organizations are usually scrambling to keep up and implement new security controls to protect themselves, which adds a new layer of
complexity.

Situation

Not everyone’s process needs are the same. These differences drive out different categories and niches within  the Security Information and Event Management (SIEM) market space. Understand your own business’s processes and the unique technical and functional requirements that accompany them. Use your own set of requirements to determine the SIEM solution that best fits your organization.

Complication

• With the rise of Advanced Persistent Threats (APTs) and insider attacks, it becomes extremely difficult for security staff to detect all the risks.
• Many IT and IT Security staff are already stretched thin by keeping track of many different security technologies that already exist.

Anyone looking to purchase a SIEM product must understand what they want and need from this technology. Many are quick to get any SIEM product and assume that it will satisfy their requirements, while it may not be the correct choice for them.
Others may find greater value in the capabilities of another security technology rather than a SIEM. This can also go beyond what your peers at similar organizations are doing. As each company has its own unique processes and internal controls, their requirements become very specific and can differ widely from that of others in the same industry.

Click to download 

Secure Access Service Edge (SASE), pronounced “sassy,” is a new cloud-based network security model proposed by research firm Gartner that combines multiple network technologies delivered as a service including SWG, CASB, FWaaS and ZTNA with WAN capabilities (i.e., SDWAN) to support dynamic secure access to organizational assets. This new model allows IT security teams to easily connect and secure all of their organization’s networks and usersin an agile, cost-effective and scalable way.

As organizations continue to drive compute workloads to the cloud and mobile devices proliferate, edge computing is changing access requirements with billions of connected devices requiring cloud services and on-premises resources. At the same time, more users, devices, applications, services and data are being generated and located outside of an organization than inside.
Traditional network security architectures that typically place enterprise data centers at the center of IT resources are also becoming roadblocks to the dynamic access requirements of digital businesses and edge computing scenarios as cloud-native technologies require more dynamic and agile identity and access resources to secure workloads and data.

With numerous cybersecurity and network security solutions offered across a highly segmented market space, too many security services and categories are complicating what should be an integrated approach to an organization’s network security environment. The
entire cybersecurity vendor community needs to come together and provide a holistic approach to cybersecurity, and this is where the concept of Secure Access Service Edge or SASE comes in.

Click to download 

Cybersecurity is not a new issue, but the stakes are getting higher. The scale of regulatory penalties is growing, and customers—consumers, businesses and public-sector organizations alike—are becoming more sensitive to the issue. In the past, many consumers saw little difference between the security postures of the companies—such as banks and retailers—pursuing their business, and so it didn’t sway their loyalty. That’s changing, and consequently lots of companies are responding by making security and data privacy central to their value proposition.

For more than a decade, Verizon has published some of the preeminent reports on cybersecurity, including the Data Breach Investigations
Report (DBIR). This is the fourth edition of the Mobile Security Index. As the name suggests, it focuses on the threats to mobile devices; what
defenses companies have in place to thwart these attacks; and how often those fail, leading to a mobile-related compromise.

One of the key themes of the 2020 Mobile Security Index was mal-innovation. We talked about how cybercriminals were constantly finding new and often imaginative ways to carry out attacks. In another life, where their motives weren’t nefarious and the outcomes not so damaging to so many, the creativity and ingenuity shown by some of the attackers would merit fame and accolades.

Click to download 

Up to $223b of the World’s Top 100 Brands’ Value could be at risk from a Data Breach, finds Infosys-Interbrand Study.

In a world where technology has gotten weaved into every facet of our lives, we find ourselves living in a data-rich society. And this has made cybersecurity a part of our everyday lexicon, driving our choice in our association with brands.

For brands, this means data security has become a critical aspect of their businesses. This has a direct implication on the ‘trust’ that customers have on a brand. This in turn has a huge influence on customer engagement and affinity with the brand.

Most studies on data breaches tend to focus on the immediate costs to businesses – drop in profits or loss in revenues. However, the real impact on businesses could run much deeper as breaches can affect the long-term relationship between the customers and the brand.

In the endeavor to gauge this real impact, Infosys partnered with Interbrand to understand the impact of a breach on the brand’s relative strength. The study involved extensive desk research, discussions with security experts, along with a poll amongst Interbrand’s Brand Valuation Experts from across 15 countries.

The report serves as a guide for businesses to understand their brand’s ‘value at risk’ in the event of a cybersecurity breach and offers insights into implementing a well-defined cyber security strategy to maintain constant vigil and protect applications, data, networks and systems from the ever-present cyber threat landscape.

Click to download

This report assesses the extent to which the public participated in three recent ICT policy and law-making processes. These include
the National Information Communications and Technology (ICT) Policy, 2019, the Computer Misuse and Cybercrimes Act, 2018, and the Data
Protection Act, 2019.

While the principle of public participation is listed under Article 10 of the Constitution of Kenya, 2010 as one of the national values and principles of governance, the approach taken by state bodies in the ICT sector to facilitate public participation has been varied. Despite
progress in the past decade, such as the promotion of greater stakeholder engagement, better documentation and information sharing, hosting public county meetings, and making stakeholders’ inputs on publicly accessible platforms, challenges still remain.

The processes have been primarily initiated, dominated and executed by the state and its agents, in its capacity as the primary duty-bearer. However, while decisionmaking powers may rest with the government, there is an onus placed on the government to facilitate public participation.

Click to Download