8 features a cybersecurity technology platform must have
In this article you will learn the features a cybersecurity technology platform must have. Cybersecurity professionals ranked the most important attributes of a cybersecurity technology platform according to strict definitions that meet their requirements. It was recently pointed out to me that while I listed the attributes, I didn’t define them. My apologies for the oversight; here again is the list of attributes (along with the share of survey respondents that rated them as most important), with definitions for each.
1. Coverage that includes major threat vectors such as email and web security (38%).
Any security researcher will tell you that at least 90% of cyber attacks emanate from phishing emails, malicious attachments, or weaponized URLs. A cybersecurity platform must apply filters and monitoring to these common threat vectors to block malware and provide visibility into anomalous, suspicious, and malicious behaviors.
2. Central management across all products and services (33%).
In this instance, central management means configuration management and policy management, along with common administration and reporting. Cybersecurity technology platform management provides an aggregated alternative to the current situation, where organizations operate endpoint security management, network security management, malware sandboxing management, etc. separately.
3. Capabilities across threat prevention, detection, and response (31%).
CISOs want their security technologies to block the majority of attacks, with detection efficacy in excess of 95%. When attacks circumvent security controls, they need their cybersecurity technology platforms to track anomalous behaviors across the kill chain (or the MITRE ATT&CK framework), provide aggregated alerts that string together all the suspicious breadcrumbs, and supply functions to terminate processes, quarantine systems, or roll back configurations to a known trusted state.
4. Coverage that spans endpoints, networks, servers, and cloud-based workloads (27%).
This one is fairly self-explanatory. Today’s enterprises have Balkanized endpoint, network, server, and cloud-workload protection tools that don’t talk to one another. Enterprise organizations want tightly integrated tools that span their IT infrastructure and work together as security force multipliers.
5. Cloud-based backend services — i.e. analytics, threat intelligence, signature/rules distribution, etc. (26%).
Think of the cloud as the backend brains of a cybersecurity technology platform. Cloud-based services will aggregate suspicious behaviors across customers, run these behaviors through advanced and constantly improving machine learning algorithms, track the newest threat intelligence, and supply customized analytics and threat intelligence curation for specific customers, industries, etc. In this way, all customers benefit from universal and customized services.
6. Openness — i.e. open APIs, developer support, ecosystem partners, etc. (22%).
Even the simplest cybersecurity technology platforms won’t offer exhaustive security coverage. Therefore, security platforms must be fitted with APIs for third-party technology integration and developer support. This may also encourage the network effect where cybersecurity technology platform users share development best practices and homegrown software amongst the community.
7. A mixture of tightly coupled products and services — i.e. products and managed service options offering central command-and-control (20%).
Given the worldwide cybersecurity skills shortage, organizations will pick and choose which security technologies they run in-house and which they outsource to managed security service providers. Leading cybersecurity technology platforms will enable seamless interoperability across any mix of products and managed services.
8. A platform that’s offered in multiple deployment options — i.e. on premises, cloud delivered, hybrid, etc. (18%).
Large organizations tend to use hybrid technology deployments, running security appliances at corporate headquarters while choosing cloud-based security proxy services to support remote offices and mobile workers. Cybersecurity technology platforms will offer this hybrid support across all security controls (regardless of form factor) with a central management plane.
While some attributes are rated above others, large organizations will need all eight over time. Therefore, CISOs should qualify, evaluate, and test cybersecurity technology platforms across all attributes while prioritizing those needed to deal with near-term requirements.