Connect with us

Technology

Global Survey shows companies are using more automation in cybersecurity, but still have work to do

Global Survey shows companies are using more automation in cybersecurity, but still have work to do

Even much-hyped technologies like artificial intelligence and machine learning are nascent, with minimal adoption globally

Skybox® Security, a global leader in cybersecurity management, has released the results of a global survey conducted by Osterman Research, Understanding Security Processes and the Need to Automate.

The survey, which includes responses from 465 senior security leaders at large enterprises in the U.S., EMEA and APAC,reveals trends in the use of security automation, as well as artificial intelligence (AI) and machine learning (ML). Survey questions focused on workflows in firewall and security policy management and vulnerability management.

Key findings included some surprises. For example, according to the results, APAC is ahead of the U.S. and EMEA in terms of automation for processes involved in the management of firewall rules and security policy — the automation of these processes is least common in EMEA. And despite being hyped at shows and in the media, technologies such as artificial intelligence and machine learning are still in early days, with few organizations using AI/ML in production — just four percent of respondents in EMEA, nine percent in the U.S. and 27 percent in APAC.

In general, the report reveals that companies worldwide are continuing to struggle with network security management, especially as those networks are growing more complex and increasing in size. Surprisingly, most are only partially automating workflows and processes to help overcome these challenges — but they do see the value and are looking to automate more in the future.

“Many organizations have significant deficiencies with regard to their firewall and security management,” said Michael Osterman, principal analyst of Osterman Research. “Most realize that they need to improve the way they manage security and policy, and they also realize that automating workflows and processes is key to these improvements.”

Additional insights from the report include the following:

  • Cutting costs, making better use of skilled employees and network size/ complexityare top drivers for automation — but that varies by region. In EMEA, 61 percent of respondents said cost was the number one driver; 43 percent said it was in the U.S. Surprisingly, only 35 percent in APAC ranked costs as the key driver for automation. They instead ranked the difficulty of managing the size and complexity of their network as the primary reason (43 percent), as well as being able to move skilled staff off mundane activities to higher value/skill security tasks (40 percent).  The U.S. and EMEA also cited the challenges of managing network size and complexity as a heavy driver (42 percent and 38 percent respectively).
  • Better visibility and context are still needed. Organizations are still deficient in understanding network context and having visibility of firewall and security policy, including why firewall rules exist: 37 percent in the U.S., 61 percent in EMEA and 47 percent in APAC said they had only “minimal or some understanding.” Even more surprising, respondents said they have only minimal or some understanding of how security changes impact their business: 49 percent in the U.S., 63 percent in EMEA and 39 percent in APAC. And it appears that identifying vulnerabilities continues to be a challenge, with 53 percent in the U.S., 63 percent in EMEA and 42 percent in APAC having only minimal or some understanding of what vulnerabilities exist on network devices.
  • Security staff are bogged down with incident response processes, compliance management and making changes to the security infrastructure. The top things respondents said they spend a “substantial” amount of time on are: incident response triage/prioritization and compliance management for the U.S.;firewall configurations and out-of-process changes for EMEA; compliance management and security changes for APAC.
  • Security teams need help, with most organizations admitting they need to make major improvements in how they manage security and policy. The biggest improvements are needed in how organizations decommission applications: 72 percent of respondents in the U.S., 67 percent in EMEA and 54 percent in APAC say they do it “poorly or moderately.” Security teams also need help pruning firewall rules so that rulesets do not become bloated, with 67 percent in the U.S., 78 percent in EMEA and 48 percent in APAC saying they do it “poorly or moderately.” Ironically, these are areas where automation can make a huge impact.
  • Automation is an impetus for cloud migration. It’s no surprise that for many companies, migration to the cloud is having a significant impact on the automation of security policy changes. This is most notable in APAC where 43 percent of organizations said cloud is impacting the automation of security policy changes. Survey results also show that the vast majority of organizations are working on initiatives focused on security automation to support cloud environments.

“The good news: security leaders have started on their automation journey,” said Skybox Director of Product Marketing, Sean Keef. “However, the results of this survey show us that many companies have a long way to go. It seems security leaders are still trying to understand where they’re going to get the most value out of automation, while also ensuring they’re not putting the organization at risk. There are many areas, however, where it is absolutely essential to implement automation — and, in fact, where the automation reduces risk. For example, collecting/gathering data for attack surface visibility and modeling, network change management and rule life cycle management. Networks are simply becoming too large and complex to manage manually. If you’re not already working with a vendor in these areas, you should start looking for one.”

Click here to download the full report and to register for the September 18 webinar with Michael Osterman, click here. Michael will discuss further details of the survey and answer questions. Skybox will also present a short overview on how the Skybox® Security Suite can automate core security management workflows.

Technology

EeaseUS Free Data Recovery Software Recover Lost And Erased Documents

EeaseUS Free Data Recovery Software Recover Lost And Erased Documents 1

Have you anytime inadvertently masterminded erased or lost data from your work territory or PC? In case along these lines, by then you ought to appreciate the mistake and free for all such a scene causes. EaseUS Data Recovery Wizard is a free data recovery software that is made to encourage your torture. It has a simple to-utilize interface and is anything but difficult to use.

You can recover reports of different sorts going from pictures, messages, mp4 records, and extensively more. The data recovery writing computer programs is freed from any costs and is flawless with various stages. We have recorded down the key preferences and utilization of EaseUS best information recuperation programming to give you a superior comprehension of the item. Rapidly, there are three phases to utilizing this free recovery programming.

EeaseUS Free Data Recovery Software Recover Lost And Erased Documents 2

Establishment and Launch

To run the item, you will simply need to present the .exe record. The planning wizard will control you through the undeniable advances, and inside minutes you would have presented the free data recovery programming. The item has an unblemished interface with images at the top corner for express features or requests. An ordinary customer can without a very remarkable stretch change the item as per their necessities.

Examining

In the wake of impelling the free data recovery programming, pick the sort of record you have to recover from the presentation page. Next, you will be drawn closer to pick the drive where you have to play out the compass. Along these lines select the fitting drive or coordinator in like way. EaseUS confines your choice of clear to a lone coordinator or drives.

You can perform two kinds of ranges with EaseUS Data Recovery Software;

Significant Scan

Quick Scan

A quick scope takes commonly less time yet will give limited results. Significant Scan does progressively comprehensive separating of the concentrated on the spot. You can “Passage Scan Status” to save your checked results for quite a while later on.

Restoring of records

In the wake of searching for the principal records select the particular reports and snap onto the restore decision. You can pick all records additionally to restore. The free data recovery programming gives quality features to possible customers. Nevertheless, purchasing absolute programming will open different other helpful features.

Features of EaseUS Data Recovery Wizard

The data recovery programming makes plate pictures for smart for energetic record recovery. You can recover data from different sorts of contraptions including hard drives, workstations, propelled devices, work regions, and various others. You can use the item for the going with focal points.

Memory Card Data Recovery

USB Drive Data Recovery

PC Data Recovery

Other Digital Devices Data Recovery

EaseUS Data Recovery is a data recovery programming freed from any expenses or subtleties. It’s expected to adhere to different potential incident conditions and outfit you with an all-out response to the issue. Along these lines, if you ever lose some sort of data, directly off the bats don’t freeze. Don’t simply associate the hard drive as you can lose your data forever.

Present EaseUS Data Recovery programming to no end and address all your recovery issues. EaseUS Data Recovery stands separated from its possible adversaries as the item is straightforward, progressed with features, and significantly great with all stages.

Conclusion:

About our PC information, anything can occur. Regardless of our earnest attempts to keep up hard drives and abstain from tapping on obscure connections, mishaps happen constantly. Regardless of whether for individual use or at work, picking the correct information recuperation programming disposes of the pressure-related with lost/erased records.

EaseUS is, as I would like to think, the best in the business. If you appallingly lost a significant document, EaseUS is your smartest option for recuperating it. I trust that you discovered this EaseUS Data Recovery Wizard survey accommodating as you continued looking for dependable recuperation programming.

 

This is a Sponsored Feature.

Continue Reading

Shining a spotlight on operational resilience and cyber-risk in financial services

Shining a spotlight on operational resilience and cyber-risk in financial services 3

By Miles Tappin, VP of EMEA for ThreatConnect, explores why the financial services industry must build a cyber security strategy in 2020

The new digital landscape has welcomed financial institutions with open arms. Emerging technology such as Artificial intelligence (AI), crypto-currencies and big data have shown widespread benefits throughout the years, particularly how they have driven innovation and change. When it comes to retail banking, fintech providers have quickly taken the chance to offer personalised services to ensure they remain relevant to their target market and stand out among their competitors.

This has been particularly evident with Klarna, now Europe’s most valued fintech firm. Providing payment solutions for online storefronts, consumers are now able to shop and pay later with top retailers including the likes of H&M, Ikea and Zara. This is just one example of how easy it has become to successfully and strategically disrupt the payments sector.

With several new players entering the banking scene, traditional financial institutions are making sure that they stay one step ahead and are developing robust digital ecosystems that deliver omnichannel service models. However, this comes at a price. As technological change becomes part and parcel to remaining relevant in the sector, the industry needs to be aware of the cyber security challenges that may present themselves and how to overcome them.

2020: The year for cybercriminals targeting financial services

2020 has become a definitive year for cybersecurity in the financial services industry. Financial institutions are a lucrative target – they hold highly sensitive information and have a mandate to protect the personal information of their customers. It started with an unprecedented attack against Travelex where hackers successfully took some of the currency providers offline for nearly a month. Then came Coronavirus which sparked a new wave of malware and phishing threats. Research from VMware Carbon Black Cloud revealed that threats against financial institutions have surged by 238% since the start of the pandemic.

The renewed interest from cyber criminals comes at a time when regulators are paying close attention to the resilience of the sector. After a string of IT failures and breaches, financial organisations in the UK have been given a mandate from regulators to improve operational resilience. This means ensuring business models can withstand disruptive events from hackers or adversaries and quickly recover to protect the stability of financial systems.

In December 2019, the UK’s financial regulators published a series of consultation papers outlining their proposed approach to achieving greater operational resilience. The proposals suggested that financial institutions will be required to map out the systems and processes that support business services in order to identify any potential vulnerabilities that would pose a risk to the stability of the UK financial system or the firm’s standing.

Working together in tandem

Where cybersecurity used to be a classic back-office concern, it’s now a central part of digital strategies and a key pillar of both reputation and customer retention – financial legislation leaves no room for failure. All financial institutions need to ensure they have full visibility of their systems and can detect any potential threats.

The challenge for financial institutions is making the security tools they have purchased separately work together in tandem. Security teams buy a firewall, an email filter, threat intelligence feeds, antivirus software or enhanced endpoint protection, and whatever else they need individually. Each of them does a good job but they don’t talk to each other and valuable time is lost tending to individual systems that become a burden to run. At the same time, running multiple security systems is expensive. The more systems you have, the more highly skilled staff you need to manage them, and they’re few and far between.

The importance of sharing across communities

To reduce complexity and simplify decision making, financial organisations need to unify processes and technology to harness the security intelligence that comes from across their own security programmes and external sources to drive down risk. However, no financial institution can tackle the problem alone. Experienced threat actors using advanced techniques are constantly targeting the financial sector. The industry needs to come together as a whole to foster a sense of collaboration and data sharing.

Miles Tappin

Miles Tappin

In the same way that financial institutions have introduced open banking to deliver a fairer service to customers, the same needs to apply to security – all parts of the financial ecosystem need to unite and share information to learn from one another and succeed in the fight against adversaries that operate across borders.

By sharing alerts on cyber hazards and risk across financial institutions and with law enforcement, government agencies and other relevant authorities, it’s possible to build industry specific insights into cyber security threats and quickly pivot to gain more information on those specific threats and threat actors. By working together, a picture can be painted on threats coming from all manner of malicious activity, from malware to ransomware, to phishing and software vulnerabilities.

Creating a single source of intelligence

Having the right intelligence is not enough to ensure that intelligence is turned into action. Breaking down information and process silos across security teams allows financial organisation to analyse and act on the most pertinent information. Everyone has access to the risk and threats that matter most, and orchestration and automation of response helps overwhelmed security teams prioritise response plans and improve efficiencies in their security programme.

Integrating internal security tools and technologies, while also connecting to external sources of intelligence, creates a single source of intelligence that feeds operations and enables organisations to direct action against the threats that matter most. The outcomes of those actions further feed intelligence, providing the ability to further refine the efficacy of the entire security lifecycle.

This approach provides a continuous feedback loop for the people, processes and technologies that make up the security programme. It allows financial institutions to keep up with threat actors that have consistently adapted their methods to profit at the expense of the financial industry. Something that won’t stop anytime soon.

While financial services institutions tend to operate with security front of mind, there is still an opportunity to collaborate more within the industry and increase intelligence sharing, so CSOs and CTOs can understand as much as they can about the threats they are facing. For example, what types or variants of malware have been used to steal, delete, or ransom personal identifiable information or IP specific to financial services? What ransomware has been used in attacks against other organisations within the industry? How does this ransomware work and how does it ransom the targeted data? Ultimately, the more you know, the better and quicker you’ll be able to respond to a new threat and remain protected.

Continue Reading

Technology

Blackline reveals CEO succession plan

Blackline reveals CEO succession plan 4

By President & COO Marc Huffman appointed CEO as of Jan. 1st, 2021;
Founder Therese Tucker to serve as executive chair

Accounting automation software leader BlackLine, Inc. (Nasdaq: BL) today announced that the board of directors has elected Marc Huffman as chief executive officer, effective January 1st, 2021.  Mr. Huffman currently serves as president and chief operating officer.  Therese Tucker, who has served as CEO since founding BlackLine in 2001, will continue to serve on the company’s board as executive chair.

A seasoned SaaS (Software-as-a-Service) executive with more than 25 years of experience driving growth at successful software companies, Huffman joined BlackLine in early 2018 as chief operating officer.  He was named president in February 2020, leading the company’s worldwide sales, marketing, technology and all customer-facing organizations.  Since Huffman joined, BlackLine has scaled its sales and customer success teams, strategically repositioned its go-to-market plan, completed a global reseller agreement with SAP, established a subsidiary in Japan, and entered into a number of strategic alliances with the world’s leading consulting and advisory firms.

Prior to BlackLine, Huffman served as president of worldwide sales and distribution at NetSuite.  During his 14-year tenure, NetSuite grew from $3 million to $1 billion in annual revenue and became recognized as a global SaaS powerhouse.

“I’ve been so pleased with the leadership Marc has demonstrated over the past two and a half years, most recently driving our response to the COVID-19 pandemic – mitigating disruption to the business and our customers.  Because of Marc’s leadership, skill set, cultural alignment and stellar performance, BlackLine is in a better position to grow and scale than ever before,” said Ms. Tucker.  “I am incredibly proud of what we have achieved at BlackLine and believe Marc is the kind of leader I can trust to take our customer-centric values, vision and growth to the next level.  I am also thrilled that in addition to providing strategic oversight as executive chair, I will now have more time to focus on the areas I love most – product innovation and customer success.”

The announced transition is part of a multi-year succession plan that has involved seeking potential successors, bringing the right person on board, seeing that person excel, and Tucker and Huffman working methodically together over several years to build out the leadership team and strategic growth plan and ensure values were aligned.

“I am ready and excited for this next step.  BlackLine is a special place with a strong culture and I am looking forward to leading the company through its next phase of growth,” said Huffman.  “We’ve got the team, the plan, and now we are focused on execution as we continue to scale the business and make BlackLine an indispensable platform for Finance & Accounting organizations globally.”

Commenting on the CEO and executive chair changes, John Brennan, BlackLine’s chairman of the board, said, “We are excited to announce Marc’s appointment as CEO.  His experience successfully expanding and scaling NetSuite into new strategic and geographical markets is invaluable as BlackLine continues to penetrate what we believe is still an untapped market.  Coupled with his proven track record at BlackLine we are confident that, under Marc’s leadership, the company’s momentum, growth and success will only accelerate.”

Mr. Brennan added, “Therese has been a strong and inspirational leader since she founded BlackLine just over 19 years ago.  Her unwavering determination and commitment to both customers and employees has been the driving force behind the company’s incredible journey from start-up to global market leader.  We look forward to having her serve as executive chair, a position in which she will continue to shape the future of the company she has built from the ground up.”

Upon Tucker’s assumption of the executive chair role, Brennan will serve as the board’s lead outside director.

Continue Reading

Call For Entries

Global Banking and Finance Review Awards Nominations 2020
2020 Global Banking & Finance Awards now open. Click Here

Latest Articles

EeaseUS Free Data Recovery Software Recover Lost And Erased Documents 5 EeaseUS Free Data Recovery Software Recover Lost And Erased Documents 6
Technology4 hours ago

EeaseUS Free Data Recovery Software Recover Lost And Erased Documents

Have you anytime inadvertently masterminded erased or lost data from your work territory or PC? In case along these lines,...

Shawbrook Bank “cautiously optimistic” as it Publishes Half Year Report for 2020 8 Shawbrook Bank “cautiously optimistic” as it Publishes Half Year Report for 2020 9
7 hours ago

Shawbrook Bank “cautiously optimistic” as it Publishes Half Year Report for 2020

Financial performance impacted by the pandemic Expected credit loss (ECL) charges of £45.8 million recognised on loans and advances to customers...

Shining a spotlight on operational resilience and cyber-risk in financial services 10 Shining a spotlight on operational resilience and cyber-risk in financial services 11
8 hours ago

Shining a spotlight on operational resilience and cyber-risk in financial services

By Miles Tappin, VP of EMEA for ThreatConnect, explores why the financial services industry must build a cyber security strategy...

Front line strategies for responding to the COVID-19 crisis: Experiences from legal team leaders around the world 12 Front line strategies for responding to the COVID-19 crisis: Experiences from legal team leaders around the world 13
Interviews9 hours ago

Front line strategies for responding to the COVID-19 crisis: Experiences from legal team leaders around the world

By Diane Dix – General Counsel, Total Safety, Marc Michael – Chief Counsel, Global Dispute Resolution, AES Corp, Tim Williams...

Reinventing Your Digital Marketing Strategy Post-Covid 14 Reinventing Your Digital Marketing Strategy Post-Covid 15
Business9 hours ago

Reinventing Your Digital Marketing Strategy Post-Covid

By Paige Arnof-Fenn, Founder & CEO Mavens & Moguls I started a global branding and marketing firm 19 years ago. Marketing...

The impact of a recession on your pension 16 The impact of a recession on your pension 17
10 hours ago

The impact of a recession on your pension

By James Turner, Director at Turner Little  The stock market is beginning to show signs of life as measures introduced...

From accountants to advisors: changing roles and expectations 18 From accountants to advisors: changing roles and expectations 19
Finance11 hours ago

From accountants to advisors: changing roles and expectations

By Chris Downing, Director for Accountants & Bookkeepers at Sage The line between strategic advisor and traditional accountant is blurring....

Trust matters more than ever in an uncertain world 20 Trust matters more than ever in an uncertain world 21
Top Stories11 hours ago

Trust matters more than ever in an uncertain world

By Zac Cohen, COO, Trulioo Trust in the time of COVID-19 Perhaps more than ever before, retail and investment banks...

Banking beyond the office 22 Banking beyond the office 23
Business12 hours ago

Banking beyond the office

By Tim Hood is the Associate Vice President for Hyland in EMEA.   Following months of unprecedented challenges, the global...

Rethinking business travel post-pandemic 24 Rethinking business travel post-pandemic 25
Business12 hours ago

Rethinking business travel post-pandemic

By John Charnock, CEO of StressFreeCarRental.com. All over the world, governments are still working to contain COVID-19. Worldwide lockdown measures...