EDITOR’S QUESTION
Cloud Access Security Brokers (CASB) can
help in preventing data leaks in the cloud,
which cannot be addressed with on-premise
tools. CASB can also help with the escalation
of privileged users, which can either lead to
data breaches or the use of cloud resources
for unsanctioned purposes.
The endpoint is usually the weakest link
and should be adequately protected with
endpoint security controls. Protection
should be extended to the back end as
well, making sure systems are uniformly
configured to best practices. It goes
without saying, if you keep sensitive data
on endpoints, they should be protected
with other controls too, such as backup
with point-in-time restore capabilities.
Traditional monitoring tools, such
as Security Information and Event
Management (SIEM), fall short with new
types of threats and more complex hybrid
environments. Organisations need to
look at Security Monitoring and Analytics
(SMA) solutions employing reputable
real-time threat feeds, reputation
scoring, machine learning and artificial
intelligence to maintain the upper hand
in the evolving threat landscape. As
mentioned, endpoints are usually the
weakest links, but lateral movement
targets systems with the most sensitive
data. Attackers always go for high yields.
One might say that the steps mentioned are
just good security housekeeping, so what
do they have to do with cyber extortion
or ransomware protection? However,
ransomware or cyber extortion protection
calls for good security housekeeping.
www.intelligentcio.com