Netskope advocates the deployment of a security strategy based on three key pillars: cooperation between manufacturers, visibility and control, and continuous risk management.
In light of the latest incidents and security breaches that are impacting companies around the world, Netskope advocates moving forward and deploying a security strategy based on three key pillars: cooperation, visibility and control, and permanent risk management.
“Attacks like SolarWinds or those directed against other companies in the technology sector (FireEye) have revealed a truism: no one is safe from suffering a cyberattack, but also, something more worrying, security strategies are not working properly. Aware of this reality, at Netskope we are committed to developing a plan based on three practical lessons, considerations that go beyond speculation and that are nourished by what we have learned so far, " says Jason Clark, CSO of Netskope.
Collaboration and knowledge of the environment
Since cyberattacks are becoming more sophisticated and their pace, far from slowing down, continues to increase relentlessly, Netskope believes that collaboration between different manufacturers and security professionals is more important than ever. Unity, better and greater cooperation between the public and private sector on security matters, and the sharing of information on threats will help to overcome the main breaches and the most complex attacks.
"See it all, act immediately." Undoubtedly, two goals that, from a security point of view, all companies would love to achieve. However, reality shows that to achieve this, managers first need to understand what visibility and control really mean and entail. Therefore, it is essential to have a rigorous understanding of what happens in corporate networks, with the data and with the people who access it, in the entire environment and extended ecosystem.
The good news is that the technology is already there to enable it, even in highly distributed and cloud environments. Netskope offers its customers real-time visibility into the operational effectiveness of their cloud security controls - products, services, and supporting infrastructure.
Continuous risk management
As organizations continue to embrace the cloud, old ways of thinking about data protection are no longer effective. Thus, for example, the conception or idea that is maintained about Data Loss Prevention (DLP) belongs to an era of security before the cloud. Such a conception, built on the basis that "objects" are in a data center, protected by a perimeter that prevents data from leaking "out" and other data entering "in", is no longer valid.
Data protection in the cloud age is ultimately about context; authorize or disable access to them based on the deepest and most granular understanding possible of who the user is, what they are trying to do, and why they are doing it. Only by allowing conditional access controls to be defined taking into account the context of users, applications, devices, and data, will it be possible to carry out continuous risk management, and not based on an incomplete or outdated image of our environment.
0 Comments