Which of Gartner’s 2019 Top 7 Security and Risk Management Trends Are Impacting Your Business? - Part II

In my most recent article, I blogged about the Gartner Top 7 Security and Risk Trends for 2019 and explained how Splunk, Splunk customers and Splunk partners address trend No. 1. I also talked about how leaders in security and risk management create pragmatic risk appetite statements and link them to business outcomes.

This post reviews trends No. 2 and No. 3.

TREND NO. 1: Leading SRM leaders are creating pragmatic risk appetite statements linked to business outcomes to engage their stakeholders more effectively.
TREND NO. 2: There is renewed interest in implementing or maturing security operations centers (SOCs) with a focus on threat detection and response.
Best Practices From Top Organizations | How Splunk & Partners Can Help

At SplunkLive! Germany 2019, Dachser Logistics shared why it selected Splunk to implement threat detection and response. The company talked about how it exchanges threat intelligence with the German government and how it tied the investment into its ISO27001 efforts.

Fresenius uses Splunk Phantom to automate Tier 1 and Tier 2 analyst work because it wasn’t able to find enough talent (even though Fresenius created a company cyber risk index, which its own management and CFO loved; see Trend No. 1).

The University of Exeter uses the MITRE ATT&CK Framework and Splunk Enterprise Security in its SOC to strengthen its detection capabilities. 

At .conf 2019, you’ll hear Datev talk about how it supercharges its security operations center with Splunk and MITRE ATT&CK, alongside other speakers such as Charles Schwab, Kaiser Permanente, Texas Instruments, Publix Supermarkets, and Deloitte’s own Olaf Hartong, who will talk about his Threat Hunting App mapped to MITRE ATT&CK.

We've introduced the Splunk Security Operations Suite, which includes threat detection with Splunk UBA and Splunk Enterprise Security (ES) content subscription. The investigation workflows in ES and the automation capabilities in Splunk Phantom cover the response aspects to modernize and mature security operations centers.

This trend drives adoption of the MITRE ATT&CK Framework by vendors as well as organizations’ security teams. We have also prepared a webinar together with ISC2 to explain what it is, and why and how you should use it. Our analytical stories in Splunk Enterprise Security are all mapped to MITRE ATT&CK.

With an open ecosystem for security operations, we have joined with industry peers such as CrowdStrike, Palo Alto, Cisco or Symantec.

There are many partners who provide either fully managed or very successful hybrid managed security operations, for example Accenture and Airbus. You can find them and many more in our partner locator.

TREND NO. 3: Leading organizations are utilizing a data security governance framework to prioritize data security investments.
Best Practices From Top Organizations | How Splunk & Partners Can Help

At last year’s .conf, Deloitte’s Risk and Financial Advisory Group shared how Splunk and machine data are used in Deloitte consulting engagements for privacy and data governance, covering everything from data in-transition monitoring to consent revocation monitoring and data erasure verification.

Knowing where sensitive data is stored and who has access to it is mandatory as stipulated by data protection laws. Ensuring a proper audit trail to address any kind of breach has to be the highest priority for security managers. We walked through a whole data security scenario in a day in a life of a breach.

To track and measure the effectiveness of data security governance, firewall data isn’t what you need. You would most likely need to get to the application level, which showcases Splunk’s strength in collecting and processing data from any kind of technology. For monitoring and tracking access, it is essential to collect data from business applications such as CRM or HR apps.

Add-ons, such as those for Workday, SAP and Salesforce, or more generic ones that connect to REST APIs or invoke webhooks, are in very high demand.

Our partner Digital Guardian, which provides a DLP and EDR solution, has created an awesome app integration.

TREND NO. 4: “Passwordless” authentication is achieving market traction, driven by demand and the availability of biometrics and strong hardware-based authentication methods.
TREND NO. 5: Security product vendors are increasingly offering premium services to help customers get more immediate value and to assist in skills training.
TREND NO. 6: Leading organizations are investing in and maturing their cloud security competency as it becomes the mainstream computing platform.
TREND NO. 7: The strategic CARTA approach to security is starting to appear in more traditional security markets.

 

Looking forward to seeing you at Gartner’s Security and Risk Management Summit in London from the 9th to the 11th of September.

Until next time,

Matthias

Read part I & part III here.

Posted by Matthias Maier

Matthias Maier is Product Marketing Director at Splunk, as well as a technical evangelist in EMEA, responsible for communicating Splunk's go-to-market strategy in the region. He works closely with customers to help them understand how machine data reveals new insights across application delivery, business analytics, IT operations, Internet of Things, and security and compliance. Matthias has a particular interest and expertise in security, and is the author of the Splunk App for IP Reputation. Previously, Matthias worked at TIBCO LogLogic and McAfee as a senior technical consultant. He is also a regular speaker at conferences on a range of enterprise technology topics.