Shulou(Shulou.com)06/01 Report--

Now many enterprises or organizations have invested in dozens of network security tools. But I'm not sure if they're working as expected. This uncertainty is mainly the result of the rapidly changing attack situation.

Now many enterprises or organizations have invested in dozens of network security tools. But I'm not sure if they're working as expected. For example, if the percentage of successful blocked attacks reported by the Security Information and event Management (SIEM) tool is a false report, what is the percentage of blocked attacks that actually occurred? Zero percentage? 50%?

Welcome to the uncertain era of network security!

Overview

This uncertainty is mainly the result of the rapidly changing attack situation. Cyber criminals have been developing new plans to accelerate data theft and wreak havoc.

In fact, according to a new report by Ponemon Institute and AttackIQ, more than half of enterprise security leaders don't know if their security tools are working properly. More importantly, only 39% of respondents thought they got a higher return on their security investment.

Specifically, the lack of control over the effectiveness of security tools can be summed up by three things security leaders should know:

Whether the attack stops or not

The organization derives its full value from security infrastructure spending.

How to provide leaders with a clear description of the current security state of the organization. Existing problems

This lack of full control over security tools is not evenly distributed across the organization's infrastructure. The biggest problems are bring-your-own-device (BYOD), cloud environments, and Internet of things (IOT) devices. About 63% of respondents to the Ponemon study said they had witnessed a security control system report a blocked attack when, in fact, the attack was not stopped.

Another problem is that there are too many solutions. The companies surveyed deployed an average of 47 different network security solutions, but only 39% of companies said they believed in their own security solutions.

A new survey by IBM Security found that the lack of full control and the complexity of managing data across on-premises and cloud infrastructures increase the risk of cyber attacks. Nearly half (48%) of respondents said they lacked visibility into organizational data due to a variety of factors, including:

Unmanaged Devic

Lack of information on sensitive data location

Insufficient integration between network security tools and cloud infrastructure

Lack of understanding of attacks targeting cloud environments

Security analysis tools cannot work efficiently without an in-depth understanding of the organization's network data; how to better understand the security environment

Even if the staff is limited, some clear steps can be taken to better understand the effectiveness of the tools used to defend against cyber attacks.

Leverage artificial intelligence (AI): instead of trying to use limited employee resources to figure out what the user's normal behavior is, deploy an artificial intelligence solution.

Deploy a threat intelligence platform so that everyone can participate. This will speed up the detection of suspicious activity.

Efforts should be made to construct data flow channels within the organization to speed up the response to security incidents. Promote and support inter-departmental teamwork. The best way to solve data silos is to integrate security solutions into fewer platforms or platforms provided by a single vendor.

Focus on understanding and learning about security solutions for cloud and Internet of things environments.

Conduct penetration testing according to the scheduled schedule to find neglected security vulnerabilities.

Hope is not a strategy, wishful thinking is not a successful plan. It's time to turn uncertainty about the effectiveness of cyber security tools into a plan of action.

Original address: https://www.linuxprobe.com/safety-tool-self-test.html

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.