Last week, I wrote about the rapid cycle of innovation happening with security technologies today — I’ve never experienced a time when every element of the security stack is transforming.
New security technologies are arriving at an opportune time. According to ESG research, 69 percent have increased their cybersecurity budgets in 2017, and my guess is that they will continue to increase investment in 2018. And when asked which BUSINESS initiatives will drive the most IT spending, 39 percent of organizations responded, “increasing cybersecurity protection.” This means business executives are buying into the need for cybersecurity improvements all around.
Review of this article
Find the good solutionsThere is a lot of scams in the cybersecurity market. Many companies claim to provide functionalities they do not have. They do false promises that make cybersecurity specialists very skeptic. Companies that need the kind of improvements and solutions scammers pretend to offer do not react promptly as they are suspicious.
One nice way to look at it is to benchmark opensource solutions with a wide and specialized community. The Linus Law and the second principle of Kerckhoffs are respected and provide a very good basis for a cybersecurity strategy. Opensource solutions can be tested without engagement making the switch process between technologies easier.
Replace humans with automationAs the shortage of cybersecurity skills comes more and more problematic, it is necessary to complete them with automation. Day to day security tasks should be automated and Artificial Intelligence should progressively replace humans for many tasks. Automation is less prone to error and more rigorous than humans for already known threats. Your cybersecurity staff should be concentrated on new threats and how to automate protection against them.
This may require changes in your company structure. A test and deployment environment should be at the center of your development and all automated. In short you should adopt a DevSecOps strategy.