Positive Research 2020 // Positive Technologies

В журнале по практической информационной безопасности Positive Research 2020 мы собрали для вас самую актуальную и интересную информацию о трендах и прогрессивных технологиях ИБ, о том, как защититься от киберугроз, чему учиться — и о том, что нас ждет в будущем.

https://www.ptsecurity.com/upload/corporate/ru-ru/analytics/positive-research-2020-rus.pdf

In the past six months, the way we live and work has changed beyond recognition. To put it simply – life on earth has gone online. The change was not gradual but happened seemingly overnight. Almost everything is different now, from the way we conduct relationships, work or even do our grocery shopping. Changes of the same order of magnitude can be found in the cyber arena.

The new normal has created challenges alongside opportunities. Infrastructure changes made by companies to allow remote access have also required threat actors to adapt to a hybrid world that integrates cloud technologies. In addition, the rapid spread of the corona virus and global research efforts to find a vaccine have created new phishing options and made medical research institutions a sought-after target for criminal and state actors.

We will address these effects and more aspects of the threat landscape, while providing examples and statistics of real world events.

https://www.checkpoint.com/downloads/resources/cyber-attack-trends-report-mid-year-2020.pdf

ACSC Annual Cyber Threat Report 2020 // Australian Cyber Security Centre

This report outlines key cyber threats and statistics over the period 1 July 2019 to 30 June 2020. Over this period, the ACSC responded to 2,266 cyber security incidents and received 59,806 cybercrime reports at an average of 164 cybercrime reports per day, or one report every 10 minutes.

https://www.cyber.gov.au/sites/default/files/2020-09/ACSC-Annual-Cyber-Threat-Report-2019-20.pdf

Cloud-Native Security Platforms // 451 Research commissioned by eSentire

Despite year after year of increased spending on security tools, people, services, audits and assessments, organizations have seen minimal results. Security gaps still persist as overwhelmed security teams lack the visibility, scalability, expertise and agility to adapt to a rapidly changing digital ecosystem. Although a majority (70%) of organizations believe they are more secure today than they were 12 months ago, almost half believe they will experience a data breach in the next 12 months, according to 451 Research’s Voice of the Enterprise: Information Security, Organizational Dynamics 2019 survey data.

The problem will likely not improve soon as organizations adopt modernization and transformation initiatives that are outpacing the ability of security teams to adapt. This new paradigm demands that security teams modernize and transform themselves with AI, automation, intelligence, threat detection and big-data analytic capabilities. The solution to such a radical shift is a security platform that can scale and adapt to the business’s expanding digital footprint, evolve with the growing threat landscape, and be a force multiplier, creating an integrated environment that operates as a single solution.

Unfortunately, the phrase ‘security platform’ has become so exploited and misused that it has essentially lost its meaning. As with other overused terms and phrases, we need to clearly define what security platform means to understand its importance in creating an organizational security posture that is scalable, adaptable, agile, and built for a diverse and disparate IT ecosystem. Organizations will find that platforms and MSSPs that fail to meet the characteristics of a modern security platform are still solving problems for an age that has already come and gone.

https://esentire-dot-com-assets.s3.ca-central-1.amazonaws.com/assets/resourcefiles/451-Research-Report-Cloud-Native-Security-Platforms.pdf