One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8524898 |
| Date de publication | 2024-06-24 14:16:35 (vue: 2024-06-24 22:06:27) |
| Titre | Sécurité centrée sur l'homme dans l'écosystème de cybersécurité et la stratégie Better Together de Pointpoint \\ Human Centric Security in the Cybersecurity Ecosystem and Proofpoint\\'s Better Together Strategy |
| Texte | In my previous blog, I detailed how Proofpoint has redefined email security, a central pillar of what Gartner has termed Human-Centric Security, one of their three strategic priorities for CISOs in 2024 and 2025. Now I\'d like to give you an idea of how we think human-centric security fits with the rest of the modern security stack and how the current trend toward more comprehensive security solution architectures is influencing our strategic direction. The Third Era It\'s worthwhile to start with a bit of history. In our view, we\'ve entered the third major evolution of cybersecurity. In the earliest period, the perimeter was established, and basic controls were put in place. The technologies were fewer and less capable, but the consequences of security failures were nowhere near as severe as they are now. In the second era, the perimeter largely dissolved and the rapid adoption of new technologies during the heyday of digital transformation led to a massive proliferation of point security solutions, cropping up nearly as fast as the tools they were meant to secure. Unfortunately, the cost of the security engineering, operational integration, and alert response required for these tools to be effective often outweighed the risk mitigation they provided. Now we\'ve arrived a phase where the security architectures of the future are finally taking shape. They share several key characteristics: they\'re highly integrated, cloud-deployed, and align to what security teams really need to protect: their infrastructure, the apps that run on it, the data that powers those applications, and of course the humans that simultaneously constitute their organization\'s greatest asset and biggest risk. The Pillars of a Modern Security Architecture To protect the spectrum between infrastructure and people, five key control planes have emerged. The first of those components is the network, where controls have moved past the classic confines of the firewall, proxy, VPN, and other network devices to the cloud-based consolidated services that make up the modern Secure Access Services Edge (SASE). Secondly, endpoint and server protection evolved into first Endpoint Detection and Response (EDR) and then XDR as servers were increasingly replaced by cloud workloads. That of course leaves the human element, to which I\'ll return shortly, and the two cross-architecture layers: the operational processes, increasingly automated, that drive the controls and respond to the alerts they generate, and the identity fabric, both human and machine, that ties everything together. These architectures are powerful on their own, and their effectiveness compounds when they\'re well integrated. Attackers have often exploited the gaps between poorly implemented and monitored security controls to pass from a compromise of a person\'s credentials through the network to the administrative privileges that make ransomware so disruptive. Frustrating adversaries becomes much more achievable when well-integrated security controls reinforce each other, providing not just defense in depth but also defense in breadth. For example, an attacker\'s job is much harder when the malicious attachment they use to try and target a person is blocked and analyzed, with the resulting intelligence shared across SASE and XDR. Human-Centric Security and the Ecosystem With the rise of these modern security architectures, our controls for protecting networks, endpoints, and infrastructure have evolved, becoming more comprehensive, adaptive, and effective. With over 90% of breaches involving the human element, Proofpoint\'s human-centric security platform uniquely does the same for people and integrates with the key leaders across the other five components of the modern security stack. In pioneering human-centric security, we\'ve brought together previously disconnected functionality to accomplish two critical goals. The first is helping organizations protect their people from targeted attacks, impersonation, and supplier risk, along with making their people more resilien |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | a 2024 2025 about abused access accomplish account achievable across actor adaptive additionally administrative adoption adversaries alert alerts align all almost along also alto analysis analyzed applications apps architectural architecture architectures are around arrived aspects asset attachment attacked attacker attackers attacks authentication automated automatically aware based basic become becomes becoming behavior best better between biggest bit blocked blog both breaches breadth brought build but can capable central centric characteristics: cisos classic cloud components compounds comprehensive compromise compromised confines connect consequences consolidated constitute continue control controls cost course credentials critical cropping cross crowdstrike current customer customers cyber cyberark cybersecurity data deeper defend defender defense deliver delivered delivering deployed depth detailed detection devices different digital direction disconnected disruptive dissolved does domains drive during each earliest ecosystem edge edr effective effectiveness element email emerged enable enabling endpoint endpoints engineering enhance ensure entered enterprises era established event everything evolution evolved example existing exploited fabric failures falcon fast fewer finally firewall first fits five focus forward from frustrating functionality future gaps gartner generate give given giving goals greatest harder has have hear help helping here heyday highly history how human humans idea identity impersonation implemented including increasingly influencing infrastructure integrated integrates integration integrations intelligence intentionally involving job joined joint just key largely lay layers layers: leaders leaves led less level leveraging like linked machine major make making malicious many massive may meant microsoft mistake mitigation modern monitored more moved much near nearest nearly need network networks new next not now nowhere often okta one operational operations opportunities organization organizations other out outcomes outweighed over own palo partners partnerships pass past path peers people perimeter period person phase pillar pillars pioneering place planes platform platforms plus point poorly potentially powerful powers previous previously priorities privileged privileges problem processes proliferation proofpoint protect protect: protecting protection provided providing proxy put quarters ransomware rapid really redefined register reimagined reinforce replaced required resilient respective respond response rest resulting return rise risk run same sase sase/sse scale second secondly secure security see series server servers services several severe shape share shared shortly side simultaneously solution solutions solve spectrum stack start stepped strategic strategy sum supplier taking target targeted teams technologies technology termed than them then these they think third those threat three through ties together tools toward transformation trend try two unfortunately unique uniquely upon use user users very view visibility vision vpn want well what when where whether which wildfire will workloads worthwhile xdr |
| Tags | Ransomware Tool Threat Prediction Cloud |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.