search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
industrytrends


What’s next for cybersecurity?


Jay Coley, senior security architect, EMEA at Fastly shares some predictions of how the future of cybersecurity is likely to unfold.


T


here’s a lot of noise in the media currently around so- called ‘advanced threats’, creating a landscape where businesses are increasingly worried about complex cyber


threats, such as nation state attacks. In reality, the causes of a large number of high-profile data breaches we’ve seen recently have been far more mundane. Verizon recently found that compromised web


applications caused 70% of security incidents in 2021, up from 39% in 2020 which is a worrying trend. In 2023, having the simple building blocks of your cybersecurity strategy up-and-running before responding to more complex threats will be a crucial part of the puzzle. Simple security threats – injection attacks and


When it comes to cybersecurity infrastructure, the key area “A lack of


comprehensive visibility into


cybersecurity.”


account takeovers – are most commonly responsible for data breaches. Te importance of having effective firewalls, web application firewalls (WAF) properly set up, and implementing end-to-end encryption of communications (like email) to ensure business continuity, cannot be overstated. Additionally, visibility over your security is also imperative. Aſter all, if you can’t see it, you can’t control it. A lack of comprehensive visibility into applications is oſten an entry-level barrier to effective cybersecurity. Recently, the range of threats businesses face hasn’t widened


significantly. Traditional threats have, however, become increasingly sophisticated. As we continue to shiſt to remote work, businesses will increasingly need to consider how to keep employees working on their own devices secure. Tere are a number of ways these workers can be more vulnerable than those working in offices, on company devices. One way I expect to see businesses mitigate this remote risk


is to shiſt increasingly towards a cloud-based infrastructure, designed with location and cloud redundancy. Tis ensures apps and APIs are far easier to secure and access from anywhere. Cloud-based architecture is easier to secure than physical data centres, and by building in redundancies also prevents bad actors from having a single target to hit.


www.pcr-online.biz applications is often


an entry-level barrier to effective


security teams will need to consider this year will be scalability. Te trend we’re increasingly seeing is advanced threats taking the form of seriously scaled-up versions of traditional threats, so businesses need to adopt a cybersecurity posture that allows them to stop these threats as soon as they’re detected. A zero-trust model situated at the edge of your network can stop these threats before they have the chance to develop into more significant security breaches. Above all, any tooling adopted by businesses in 2023 must address three key areas: ease of use, interoperability and observability. If security teams can see how their systems and applications are working,


deploy to exactly where they need security, and manage security for


their team without having to introduce them to any new management technology and tooling, they can build an effective cybersecurity policy. With application security, for example, these teams have to


ask themselves if they know how to deploy security where their applications live, regardless of location. If they can do this, they can quickly get the whole picture into the threats their applications are experiencing. On the managed security side of the equation, in 2023, security


providers will need to give their customers peace of mind. At the end of the day, the aim of a cybersecurity strategy is to stay ahead of attacks. To achieve this difficult goal, information sharing is absolutely fundamental - the back end will have to let the individual businesses they protect know exactly what is happening. Alternatively, managed security providers oſten see more threats than a single organisation’s team, and as such are able to automate their security to a greater extent. Tis frees up the team’s time to concentrate on zero-day threats rather than being stuck in spin cycles around common threats. Tere is significant work to be done in the security industry to


continue to protect against the serious threats businesses face, but if organisations are able to take steps to put the fundamentals in place, they will be well positioned to avoid cyber threats this year.


April 2023 | 13


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52