SECURITY

Which of Gartner’s 2019 Top 7 Security and Risk Management Trends Are Impacting Your Business? - Part III

If you followed my recent blogs about the Gartner Top 7 Security and Risk Trends for 2019, you probably read my take on trend no. 1, as well as no. 2 and 3

In this part of the series I am going to review trend no. 5, 6 and 7. You may notice that I skipped trend no. 4 - it’s an important one but not something we at Splunk are addressing at the moment. Enjoy!

TREND NO. 1: Leading SRM leaders are creating pragmatic risk appetite statements linked to business outcomes to engage their stakeholders more effectively.  
TREND NO. 2: There is renewed interest in implementing or maturing security operations centers (SOCs) with a focus on threat detection and response.  
TREND NO. 3: Leading organizations are utilizing a data security governance framework to prioritize data security investments.  
TREND NO. 4: “Passwordless” authentication is achieving market traction, driven by demand and the availability of biometrics and strong hardware-based authentication methods.  
TREND NO. 5: Security product vendors are increasingly offering premium services to help customers get more immediate value and to assist in skills training.  
How Splunk Can Help  

Our customer success organization includes services such as customer success manager and admin on-demand services to ensure that value is created . Because even though there may be similarities, each data journey at every organization is unique . Splunk customer success managers offer support on anything from use case development and data lifecycle to user enablement and building a center of excellence.

In addition to our online training, we offer educational workshops such as “Phantom for Rookies”, building automation playbooks for phishing or our top-notch capture the flag blue team exercise: Boss of the SOC - investigating and responding to a breach at Frothly - our favorite Beer Brewery whose brewing secrets have been stolen by an APT Group.

Hundreds of security teams have participated at Boss of the SOC over the years, making it one of the largest and most successful blue team exercises in the industry.

 
TREND NO. 6: Leading organizations are investing in and maturing their cloud security competency as it becomes the mainstream computing platform.  
Best Practices From Top Organizations How Splunk Can Help  
Novartis shared how it uses Splunk for public cloud monitoring. The organization uses SaaS (Software as a Service), PaaS (Platform as a Service), as well as IaaS (Infrastructure as a Service) and consolidates the generated data for Public Cloud Operations, IT Security, application owners as well as the Finance department. The latter allows the internal billing of services to specific cost centers through the finance model that is most suitable for Novartis.

Cloud applications and infrastructure are just another data source for us at Splunk - such as AWS, Azure, Office365 or GCP. Many analytical stories created by our security research team can be found in Splunk Enterprise Security for Cloud Security. Last but not least we offer an educational workshop on AWS Threat Hunting to respond to disclosed AWS API Keys and more. Ask your contact at Splunk about the workshop.

Splunk Apps for cloud services deliver this visibility, providing instant security and operational insights into the most popular cloud providers, which include Apps such as AWS, Service Now or Akamai.

 
TREND NO. 7: The strategic CARTA approach to security is starting to appear in more traditional security markets.  
Best Practices From Top Organizations How Splunk Can Help  

Siemens shared how it has been using a prevent, detect, investigate, respond approach for years to continuously improve its cybersecurity program. 

The Bank of England moved from a vendor-lead strategy to an adversary-lead strategy. It is doing so by focusing on the tactics and techniques cyber attackers apply. Moreover, the SOC was modernized and refined, enabling the security team of the Bank of England to spend 80% of its time to create new analytics rather than spending time on incident response. The security team is able to get a turnaround within 2 hours - from learning about a new attacker tactic to implementing the analytics for detection and validation in its environment. 

As we work with security teams across different industries, we observed that many organizations mature from a block/prevent strategy to continuous risk evaluation and trust assessment by detecting & responding with the right context in mind.

 

Thanks for reading! Looking forward to seeing you at Gartner’s Security and Risk Management Summit in London from the September 9th - 11th.

Matthias

Matthias Maier is Product Marketing Director at Splunk, as well as a technical evangelist in EMEA, responsible for communicating Splunk's go-to market strategy in the region. He works closely with customers to help them understand how machine data reveals new insights across application delivery, business analytics, IT operations, Internet of Things, and security and compliance. Matthias has a particular interest and expertise in security, and is the author of the Splunk App for IP Reputation. Previously, Matthias worked at TIBCO LogLogic and McAfee as a senior technical consultant. He is also a regular speaker at conferences on a range of enterprise technology topics.

Join the Discussion