As the threat landscape constantly evolves, companies keep investing in new security solutions to counter each new threat type that plagues the cyber world. Over time with each new solution infrastructure becomes increasingly complex and fragmented. For example; advanced persistent threats led to a demand for sandboxing, polymorphic malware resulted in signatureless anti-malware software, ransomware created the need for secure process monitoring.
These point solutions are not integrated, security teams investigating an incident are routinely trying to build a picture from multiple data sets and reports – frustrating attempts to quickly mitigate threats. This stems from the fact that a traditional environment where only firewalls and anti-virus solutions were prevalent, many organisations now have dozens of security products from a wide variety of vendors, causing substantial complexity in the environment.
Complexity has driven a loss in visibility, in both scope and effectiveness, such that security leaders cannot be certain whether they are over- or under-invested in protection. Have we reached the point now where security complexity now itself presents a threat to the business?
In this Computing web seminar our expert panel explains how we got here, our research shows the scale of the problem facing enterprises, and we look at practical steps that enterprises can take to reduce complexity, manage risk, and speed up incident resolution.
Panel
Duncan Brown is Forcepoint’s Chief Security Strategist in EMEA, and leads the firm’s C-level engagement in the region. He advises customers on business strategy, and how this can be enabled and accelerated through the appropriate application of technology. He acts as adviser and coach to CISOs, CIOs and board executives on risk assessment and mitigation, and aids in the translation of desired business outcomes into technology solutions. Duncan is a self-confessed GDPR junkie and an advocate of pragmatic privacy in the workplace. Duncan was formerly IDC’s vice president, European Security Practice, at IDC EMEA and led the firm’s market-leading security research program in Europe. He established and led IDC’s pioneering coverage of the global impact of the GDPR and NIS Directive on technology companies and their customers.
Register