Gartner has shared top 10 security technologies for enterprise information security.
Cloud access security brokers grabbed first position in Gartner’s list. Cloud access security brokers provide information security professionals with a critical control point for the secure and compliant use of cloud services across multiple cloud providers.
Endpoint detection and response is in the second position. Gartner said the market for endpoint detection and response (EDR) solutions is expanding quickly in response to the need for more effective endpoint protection and the emerging imperative to detect potential breaches and react faster.
Third is, non-signature approaches for endpoint prevention. The implication is that signature-based approaches for malware prevention are ineffective against advanced and targeted attacks.
Fourth, user and entity behavioral analytics enables broad-scope security analytics, much like security information and event management enables broad-scope security monitoring
Fifth, microsegmentation and flow visibility, helps to address east/west traffic in enterprise networks once attackers access systems. Visualization tools enable operations and security administrators to understand flow patterns, set segmentation policies and monitor for deviations.
Sixth is security testing for DevOps and the seventh is intelligence-driven security operations center orchestration solutions.
Gartner says an intelligence-driven security operations center (SOC) goes beyond preventative technologies and the perimeter, and events-based monitoring.
Remote Browser is the technology listed in the eighth position. Most attacks start by targeting end-users with malware delivered via email, URLs or malicious websites.
According to Gartner, an emerging approach to address this risk is to remotely present the browser session from a “browser server” (typically Linux based) running on-premises or delivered as a cloud-based service.
Deception technologies are in the ninth position. Deception capabilities create fake vulnerabilities, systems, shares and cookies. If an attacker tries to attack these fake resources, it is a strong indicator that an attack is in progress, as a legitimate user should not see or try to access these resources.
Deception technologies are emerging for network, application, endpoint and data, with the best systems combing multiple techniques. By 2018, Gartner predicts that 10 percent of enterprises will use deception tools and tactics, and actively participate in deception operations against attackers.
The 10th technology for information security is to adopt pervasive trust services.
As enterprise security departments are asked to extend their protection capabilities to operational technology and the Internet of Things, new security models must emerge to provision and manage trust at scale.
Trust services are designed to scale and support the needs of billions of devices, many with limited processing capability. It becomes important as enterprises embrace new business technologies.
“Information security teams and infrastructure must adapt to support emerging digital business requirements, and simultaneously deal with the increasingly advanced threat environment,” said Neil MacDonald, vice president, distinguished analyst and Gartner Fellow Emeritus.