As security of the cloud model improves, organizations are entrusting more sensitive data to cloud providers. Many are also exploring the synthesis of cloud computing and cybersecurity technologies. A fusion of cybersecurity technologies with cloud architectures can create a dynamic approach to risk that enables organizations to better understand their overall business ecosystem, as well as internal and external threats.
Once the program is in place, a tangle of enterprise-wide components must be integrated, managed and continuously improved. It’s a tall order for many. Increasingly, organizations are embracing managed security services to integrate, operate and enhance their cybersecurity programs.
Together, a cloud-based approach to security and use of managed security services can create a cybersecurity and privacy program that yields truly differentiating business capabilities.
To better understand the motivations and tactics of internal and external actors, organizations are adopting or updating key technologies.
Real-time analytics and threat intelligence provide contextual awareness of threats and an understanding of the tactics, techniques and procedures of adversaries. When analytics and threat intelligence are synthesized in the cloud, it becomes possible to create a single source of enterprise-wide data. Advanced authentication is key to helping organizations replace passwords, add an extra layer of security and improve trust.
The growing use of open-source software for cybersecurity represents a major shift in how organizations develop and run on-premises solutions and deliver IT services. What’s more, almost half of survey respondents said that open-source technologies have improved their cybersecurity program.
While rising risks to interconnected digital ecosystems are driving changes in cybersecurity, so too is the need for data privacy. Organizations around the world are taking action to address a slew of new data privacy requirements.
One of the most impactful is the EU’s General Data Protection Regulation (GDPR), which goes into effect in 2018. The GDPR will bring cascading privacy demands that will require a renewed focus on data privacy for companies that offer goods and services to EU citizens. Other significant new privacy measures have been introduced in Asia, including China, South Korea, Hong Kong and Singapore.
To get ahead of these changes, organizations are prioritizing privacy training and updating policies and assessments. Many also may need to revise methodologies to manage compliance, as well as review data governance frameworks and privacy life cycle programs.