One Article Review
| Source |  AlienVault Lab Blog |
|---|---|
| Identifiant | 8439906 |
| Date de publication | 2024-01-17 11:00:00 (vue: 2024-01-17 15:07:44) |
| Titre | Opérations de cybersécurité en 2024: le SOC du futur Cybersecurity operations in 2024: The SOC of the future |
| Texte | This is part two of a three-part series written by AT&T Cybersecurity evangelist Theresa Lanowitz. It’s intended to be future-looking, provocative, and encourage discussion. The author wants to assure you that no generative AI was used in any part of this blog. Part one: Unusual, thought-provoking predictions for cybersecurity in 2024 Part three: Four cybersecurity trends you should know for 2024 With the democratization of computing comes attack surface expansion. According to Gartner, 91% of businesses are engaged in some form of digital initiative, and 87% of senior business leaders say digitalization is a priority. 89% of all companies have already adopted a digital-first business strategy or are planning to do so. The more digital the world becomes the greater the attack surface. This is simply a fact. Securing that ever-expanding attack surface is where we will see innovation. The security operations center (SOC) must modernize to keep pace with the always-on and digital-first world delivered through innovations such as edge computing, AI, and IoT. The SOC of the future will need to expand to address: Edge computing Edge computing is happening all around us. Defined by three primary characteristics: software-defined, data-driven, and distributed, edge computing use cases are expanding to deliver business outcomes. Edge computing is a sea-change in the world of computing. As edge use cases deliver business value and competitive advantage, the technology changes – networks with lower latency, ephemeral applets, and a digital-first experience, are the requirements for all edge computing use cases. Edge computing needs to be embraced and managed by the SOC. There are diverse endpoints, new software stacks, and a rapidly changing attack surface that needs to be mapped and understood. In 2024, expect to see SOC teams, with roles that include security engineer/architect, security analyst, SOC manager, forensics investigator, threat responder, security analyst, and compliance auditor, begin to determine how edge computing needs to be secured. SOCs will explore various management activities, including understanding diverse and intentional endpoints, complete mapping of the attack surface, and ways to manage the fast-paced addition or subtraction of endpoints. Application security Without a doubt, we are living in a world built on software. Software is only as secure as the development requirements. Software controls our traditional applications that are still batch-based, sigh, and near-real-time edge interactions. Software is how the world works. With innovations in computing, software is changing; it is no longer about graphical user interface (GUI) applications that require some keyboard input to produce output. Edge computing is taking software to the next level of sophistication, with non-GUI or headless applets becoming the norm. While the software bill of materials (SBoM) requirements advance the cause of application security, edge computing and its reliance on functioning, performant, and secure software will make application security a necessity. In 2024, expect to see software engineering practices emphasizing security emerge. Simply being able to write code will no longer be enough; developers will increase their sophistication and require more security expertise to complement their already deep skill sets. Educational institutions at secondary and university levels are |
| Envoyé | Oui |
| Condensat | 89 2023 2024 2024: 2026 able about according achieve act active active/non actively activities add addition address address: adopted advance advancements advancing advantage adversary ahead all already always analyst any anywhere applets application applications are around aspects assets assist assure at&t attack attributes auditor author autonomous based batch becomes becoming begin being bill blog bookmark built business businesses but cannot capture cases cause center change changes changing changing; characteristics: closer code collection comes coming companies competitive complement complete complex complexity compliance comprised computing consumed continue continues controls correlate corruption critical cybersecurity data date decisions decommissioned deep defined deliver delivered democratization desktops details detection determine developers development differently digital digitalization discussion distill distributed diverse diversifying does doubt driven drones ease easily easy edge edr educational effectively efficiency embrace embraced emerge emphasis emphasizing encourage endeavor endpoint endpoints energy engaged engineer/architect engineering enough; entry environments ephemeral evangelist ever expand expanding expansion expect experience expertise explore extended fact fast firm firmware firmware/operating first forensics form forward four free full functioning future gartner generated generation generative goal governance granular graphical great greater grow gui happening harsh have headless host hosting how however i’ll idc identification identified identify include including increase industry information initiative innovation innovations input insights institutions intelligence intended intentional interactions interface investigator iot isn it’s its keep keyboard kinds know languish lanowitz laptops latency leaders left legacy level levels lifecycle living location longer look looking lot lower make making manage managed management manager manufacturer map mapped mapping materials maturing means model modernize monitor months more most move much must near necessity need needed needs networks new next non norm not offer one: only operating operations other outcomes output pace paced part participant participants participating performant pertinent phones physical pieces planning point practices precise precisely predictions preparing primary priority processing produce projects properly protected provide provocative provoking rapidly real realities relevant reliance report representation require requirement requirements responder response responsibility retired robots roles say sbom sea secondary secure secured securing security see seek senior series sets should shows sigh significant simple simply skill soc socs software solutions some something sophistication sounds specific spending stack stacks startups status strategy subset subtraction such suggesting surface surpass system tablets taking talking team teams technology than theresa these thought threat three three: through time today traditional trends trillion trusted two type types understand understanding understood unguarded university unusual usable use used user value various visually wants way ways wearables what where whether will without workloads works world worldwide write written xdr |
| Tags | Threat |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.