The Cloud Is A Key To Cyber Defence

Uploaded on 2018-04-11 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Organisations need to make sense of security intelligence and act on it faster to get ahead of attackers, and cloud-based security is one way of making that possible.

Companies are moving to the cloud for greater agility, flexibility and resilience, and they should be doing the same with security, says Greg Day, chief security officer for Europe at Palo Alto Networks. “Security challenges and IT are now so dynamic that five-year plans no longer work,” he told the company’s End User Cybersecurity Summit in London.

To get ahead of the attackers, or at least on an even playing field, Day said organisations need to adapt their cyber defence capabilities at the same pace that adversaries are evolving their attacks.

Threat intelligence is an important element of any organisations defence capability, but the challenge facing organisations is being able to process threat intelligence and respond fast enough to be effective.

Legislation such as the EU’s General Data Protection Regulation (GDPR) and Network and Information Systems (NIS) Directive are also increasing the pressure on organisations to make sense of the security intelligence they are gathering, particularly from their own systems, to report breaches within 72 hours in some cases.

“Three years ago, organisations were taking an average of 229 days to identify a breach, two year ago this was around 205 days, while in 2017 this was down to 146, but simpler cases were being identified within 30 days.

“Although this shows progress is being made, being able to identify a breach within 30 days is not much use when the law requires it to be done within 72 hours, which means organisations have to change the way they consume intelligence and other security services,” said Day.

Cloud-based services the key enabler

While a growing number of security suppliers are attempting to tackle this problem with artificial intelligence, Palo Alto Networks believes that cloud-based services are the key enabler, and in June 2017 announced the Palo Alto Networks Application Framework to extend the capabilities of the Palo Alto Next-Generation Security Platform to enable organisations to implement innovative cloud-based security applications from any provider, large or small.

According to Palo Alto Networks, security platforms with open application programming interfaces (APIs) are set to turn the business model for the information security industry on its head in response to the need for new models that will drive more innovation, value and encourage sharing of threat intelligence in highly automated ways.

This is what the application framework is designed to deliver by enabling a software as a service (SaaS) consumption model, allowing customers to rapidly evaluate and deploy capabilities through security applications built by Palo Alto Networks, third-party developers, managed security service providers (MSSPs) and their own teams.

This new model is aimed at enabling organisations to activate cloud-delivered applications instantly from different providers as security needs change and without deploying or managing additional products.

The service-based model, said Day, is key to enabling organisations to apply the latest technological capabilities to meet changing cyber defence and other business requirements.

“By switching to a consumable subscription, organisations can put the responsibility on somebody else to keep pace with technology change so they can adapt their technology and service consumption to move with the business,” he said.

Computer Weekly

You Might Also Read: 

Have You Gauged The Cost Of A Cloud Outage?:

Ensure Your Cloud Storage Is Compliant With GDPR:

 

« Denmark: A Leader In Cyber Security
Criminal Web-Injects Can Steal Cryptocurrency »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Kaspersky Lab

Kaspersky Lab

Kaspersky Lab is one of the world’s largest privately held vendors of endpoint cybersecurity solutions.

XenArmor

XenArmor

XenArmor products include NetCertScanner, an enterprise software to scan & manage expired SSL Certificates on your local network or internet.

Hillstone Networks

Hillstone Networks

Hillstone Networks offers a broad range of security solutions for enterprises and data center networks – whether physical, virtual, or in the cloud.

CISPA Helmholtz Center for Information Security

CISPA Helmholtz Center for Information Security

The CISPA Helmholtz Center for Information Security is a German national Big Science Institution within the Helmholtz Association. Our research encompasses all aspects of Information Security.

C11 Cyber Security & Digital Innovation Centre

C11 Cyber Security & Digital Innovation Centre

C11 is working with local and national partners to develop talent and bring brilliant minds and brilliant businesses together.

GLESEC

GLESEC

GLESEC offer a complete range of Cyber Security services from Operations & Intelligence Services to Auditing & Compliance and Simulation and Training.

David Hayes-Export Controls

David Hayes-Export Controls

David Hayes-Export Controls provides assistance to companies affected by export controls or who are considering entering the market but are unsure of the commercial and regulatory implications.

FortifyData

FortifyData

FortifyData is the next generation of cyber risk management–a comprehensive platform that continuously evaluates your third-party, internal and people risks.

Infostream

Infostream

Infostream is a leading integrator of Digital Transformations Solutions (DTS); Public, Private, and Hybrid Cloud; Cybersecurity; Data Integrity; DevOps, DevSecOps, and Infrastructures.

Focus on Security

Focus on Security

Focus on Security are Cyber Security recruitment specialists. We’re dedicated to connecting you with the top Cyber Security talent across the globe. We focus on partnerships and results.

ConvergePoint

ConvergePoint

ConvergePoint is the leading compliance software provider on the Microsoft Office 365 SharePoint platform.

SektorCERT

SektorCERT

SektorCERT is the cybersecurity center for the critical infrastructure sectors in Denmark. We help detect and handle when critical infrastructure is exposed to cyber attacks.

CloudGuard

CloudGuard

CloudGuard is an AI-driven XDR platform that helps organisations to proactively detect and automatically remediate threats in real-time.

RST Cloud

RST Cloud

RST Cloud is a cutting-edge technology company that specialises in threat intelligence solutions for businesses of all sizes.

Cyberagentur (Cyber Agency)

Cyberagentur (Cyber Agency)

Cyberagentur is the Federal Agency in Germany for innovation in cybersecurity. Our mission is to advance research and groundbreaking innovations in the field of cybersecurity and related technologies.

Hopper Security

Hopper Security

The Future of Open-Source Risk Management Starts Here. We built Hopper to make sure you can harness the power of Open-Source safely and effectively.