Over the course of the long, slow evolution of cyberdefenses, we’ve lost focus on what the attacker really wants: access to your data via an identity.
Read my blog to learn more about why I think identity needs to be the foundational component of the cybersecurity stack.
Organizations of all sizes recognize the risk of cybersecurity threats to their businesses. This is why recent Technology Spending Intentions research from TechTarget’s Enterprise Strategy Group (ESG) [1] highlights that organizations continue to invest in improving cybersecurity. Respondents’ most-cited business initiative driving IT spending at their organizations in 2023 and the most-cited area in which they expect to increase investment in 2023 is cybersecurity. Why is that needed? Because the threat landscape is always changing and evolving. Like a never-ending game of whack-a-mole, cybersecurity professionals must adapt to new threats and tactics.
Over the last few years, the amount of encrypted traffic on the network has expanded significantly. While this is important to ensure privacy and security, it can represent a blind spot for security tools. ESG research [2] highlights that 83% of organizations have either a notable or significant concern regarding scanning encrypted traffic for threats. In fact, 68% of ESG research respondents have reported being impacted by multiple encrypted attacks.
Why is this happening? Well, because most organizations lack visibility into all their encrypted traffic, with only 34% stating that they have complete visibility. There are a number of reasons organizations forgo decryption, some of the most common of which include:
It will only get harder to gain visibility into encrypted traffic as new versions of Transport Layer Security (TLS 1.3 -TCP) and QUIC (UDP) rolls out. As these standards are adopted, it will become increasingly difficult to decrypt and analyze traffic.
So where does that leave organizations that are trying to stay ahead of the cyber threat curve? Well, one company that we just spoke to believes they have a solution. Gigamon, a pioneer in network visibility and intelligence that now focuses on providing deep observability pipelines, announced Precryption technology. This enables organizations to have deep visibility into encrypted traffic across virtual machines or container workloads so it can be delivered to threat detection, investigation and response tools for hybrid cloud environments. Gigamon believes this technology will eliminate blind spots and ensure organizations can inspect all encrypted traffic.
It accomplishes this by utilizing eBPF technology within the Linux kernel to capture traffic prior to encryption or just after decryption – eliminating the need for costly decryption technology or having to sniff keys. Gigamon claims that it runs independently of the application, unlike approaches that require agents. By collecting traffic prior to encryption, this approach alleviates the need to manage keys on a separate decryption tool, as well as the performance impact from decrypting network traffic.
Clearly, organizations have to work really hard to stay ahead of an ever-changing threat landscape, so It’s great to see vendors like Gigamon bringing to the market innovative solutions that deliver full visibility into encrypted traffic.
[1] Source: Enterprise Strategy Group Research Report, 2023 Technology Spending Intentions Survey, November 2022.
[2] Source: Enterprise Strategy Group Complete Survey Results, Network Threat Detection Response Trends, April 2023.
Traditional authentication methods aren’t working. With the availability of cheap cloud GPUs to crack passwords and tens of billions of known accounts/passwords, it’s clear that passwords aren’t secure. MFA hasn’t been a viable replacement as it’s susceptible to social engineering, phishing, and other attacks while introducing user friction and degrading the user experience.
Successful attacks are cultivating the need for a new authentication method. Recent prominent MFA-based breaches and friction in the end-user experience have reached the ears of app developers, IT, and cybersecurity leadership. Organizations are now searching for alternative methods to address the risks and challenges of MFA and password-based authentication.
IAM vendors need to demystify passwordless authentication. While the concept has received tremendous publicity as a panacea, organizations struggle to understand which passwordless methods are the best fit for different use cases. Passwordless vendors are jockeying to differentiate themselves in this crowded space to demonstrate they’re the best fit for prospective customers.
To gain insights into the authentication landscape generally and the evolution of passwordless technology specifically, TechTarget’s Enterprise Strategy Group surveyed 377 IT, cybersecurity, and application development professionals responsible for identity and access management programs, projects, processes, solutions, and services in North America.
This study sought to answer the following questions:
Survey participants represented a wide range of industries including manufacturing, technology, financial services, and retail/wholesale. For more details, please see the Research Methodology and Respondent Demographics sections of this report.
Enterprise Strategy Group research revealed that managed detection and response (MDR) providers are currently delivering much more value beyond basic detection and response services, meaning that the use of MDR providers can be a key strategy within modern security programs.
The use of generative artificial intelligence (GenAI) programs is becoming ubiquitous in business operations across organizations as departments and individuals attempt to inject efficiency into their processes using this fast-growing technology. Unfortunately, its rapid pace of adoption has cybersecurity teams racing to keep up. Recent research by TechTarget’s Enterprise Strategy Group explores how IT professionals and business decision makers plan to apply governance and policies to their organizations’ usage of GenAI.
From skills shortages to nuanced cyber-attacks, cybersecurity leaders have well-documented challenges that threaten the successful protection of businesses. Generative artificial intelligence (GenAI) has burst onto the scene promising a long list of potential applications, with cybersecurity improvement touted among them. Recent research by TechTarget’s Enterprise Strategy Group examined early cybersecurity use cases for this technology to get a sense of where GenAI could alter modern cybersecurity practices.
Identity is rooted in IT operations. In fact, when most people think of identity, they think of access management, as in identity and access management, or IAM.
The shift to the cloud and remote work, combined with the rise of phishing and other identity-related attacks, puts identity security at the forefront of cybersecurity concerns.
Read my blog to learn more about identity’s relationship to cybersecurity.
Organizations across industries need effective API security solutions to reduce cybersecurity risk as cloud-native development scales. This can help their teams discover, manage, configure, monitor, and protect their APIs to keep pace with modern software development.
Learn more about these trends with the infographic, Securing the API Attack Surface.
According to The Life and Times of Cybersecurity Professionals Volume VI (2023), the cybersecurity skills shortage continues unabated, leaving a majority of organizations with an ever-growing gap in the cybersecurity skills needed to reduce their cyber-risk from the latest threats. As the void widens, cybersecurity professionals bear the brunt: More than half find their jobs harder than two years ago, with many facing ongoing internal issues and new external challenges from an increase in cybersecurity complexity to a surge in cyber-attacks against an expanding attack surface. Chronic understaffing remains a major contributor to these issues and associated ramifications, with roughly one out of five professionals having even considered making a career switch, mainly out of frustration with what they perceive as organizational neglect and the sheer stress of their jobs.