The Cloud Is A Key To Cyber Defence

Uploaded on 2018-04-11 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Organisations need to make sense of security intelligence and act on it faster to get ahead of attackers, and cloud-based security is one way of making that possible.

Companies are moving to the cloud for greater agility, flexibility and resilience, and they should be doing the same with security, says Greg Day, chief security officer for Europe at Palo Alto Networks. “Security challenges and IT are now so dynamic that five-year plans no longer work,” he told the company’s End User Cybersecurity Summit in London.

To get ahead of the attackers, or at least on an even playing field, Day said organisations need to adapt their cyber defence capabilities at the same pace that adversaries are evolving their attacks.

Threat intelligence is an important element of any organisations defence capability, but the challenge facing organisations is being able to process threat intelligence and respond fast enough to be effective.

Legislation such as the EU’s General Data Protection Regulation (GDPR) and Network and Information Systems (NIS) Directive are also increasing the pressure on organisations to make sense of the security intelligence they are gathering, particularly from their own systems, to report breaches within 72 hours in some cases.

“Three years ago, organisations were taking an average of 229 days to identify a breach, two year ago this was around 205 days, while in 2017 this was down to 146, but simpler cases were being identified within 30 days.

“Although this shows progress is being made, being able to identify a breach within 30 days is not much use when the law requires it to be done within 72 hours, which means organisations have to change the way they consume intelligence and other security services,” said Day.

Cloud-based services the key enabler

While a growing number of security suppliers are attempting to tackle this problem with artificial intelligence, Palo Alto Networks believes that cloud-based services are the key enabler, and in June 2017 announced the Palo Alto Networks Application Framework to extend the capabilities of the Palo Alto Next-Generation Security Platform to enable organisations to implement innovative cloud-based security applications from any provider, large or small.

According to Palo Alto Networks, security platforms with open application programming interfaces (APIs) are set to turn the business model for the information security industry on its head in response to the need for new models that will drive more innovation, value and encourage sharing of threat intelligence in highly automated ways.

This is what the application framework is designed to deliver by enabling a software as a service (SaaS) consumption model, allowing customers to rapidly evaluate and deploy capabilities through security applications built by Palo Alto Networks, third-party developers, managed security service providers (MSSPs) and their own teams.

This new model is aimed at enabling organisations to activate cloud-delivered applications instantly from different providers as security needs change and without deploying or managing additional products.

The service-based model, said Day, is key to enabling organisations to apply the latest technological capabilities to meet changing cyber defence and other business requirements.

“By switching to a consumable subscription, organisations can put the responsibility on somebody else to keep pace with technology change so they can adapt their technology and service consumption to move with the business,” he said.

Computer Weekly

You Might Also Read: 

Have You Gauged The Cost Of A Cloud Outage?:

Ensure Your Cloud Storage Is Compliant With GDPR:

 

« Denmark: A Leader In Cyber Security
Criminal Web-Injects Can Steal Cryptocurrency »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Identiv

Identiv

Identiv is a global security technology company that establishes trust in the connected world, including premises, information and everyday items.

Cyberlytic

Cyberlytic

Cyberlytic applies artificial intelligence to combat the most sophisticated of web application threats, addressing the growing problem of high volumes of threat data.

Visa

Visa

Visa is a global payments technology company that connects consumers, businesses and banks in more than 200 countries and territories worldwide.

Mondo

Mondo

Mondo is the largest national staffing agency specializing exclusively in high-end, niche IT, Tech, and Digital Marketing talent. Areas of expertise include Cybersecurity.

DeepCyber

DeepCyber

DeepCyber supports its customers, with an “intelligence-driven” approach, to improve their proactive detection and response "capability" of cyber threats.

NuCrypt

NuCrypt

NuCrypt is developing technology that is applicable to ultrahigh security data encryption as well as key distribution.

Cord3

Cord3

Cord3 delivers data protection, even from trusted administrators – or hackers posing as administrators – with high privilege.

Penten

Penten

Penten is an Australian-based cyber security company focused on innovation in secure mobility and applied AI (artificial intelligence).

Armenia Startup Academy

Armenia Startup Academy

Armenia Startup Academy is a pre-acceleration program for selected Armenian tech companies and startups in areas including cybersecurity.

Vaultinum

Vaultinum

Vaultinum are a trusted independent third party specialized in the protection and audit of digital assets.

Telesystem

Telesystem

Telesystem empowers businesses across the USA with a range of innovative network, communication and collaboration solutions.

OSC Edge

OSC Edge

OSC was founded with the vision of providing expert solutions in IT to government and businesses. OSC Edge empowers organizations with solutions that prepare them for today and tomorrow.

CYTUR

CYTUR

CYTUR provide trusted and secured maritime cybersecurity solutions to keep ships safe, protecting them, their crews, cargo and all stakeholders from maritime cyber threats.

Attestiv

Attestiv

Attestiv puts authenticity into photos, videos and documents by utilizing advanced technologies in AI and tamper-proofing.

OryxAlign

OryxAlign

OryxAlign offer managed IT and cyber security, cloud and digital transformation, and tailored professional and consulting services.

Highway Ventures

Highway Ventures

HIGHWAY Ventures is a startup studio that builds cybersecurity and vertical AI companies in Northwest Arkansas from technology developed within the federal lab ecosystem.