Companies are hiring cybersecurity professionals to analyze security and risk issues as cybersecurity and regulatory compliance become essential.

FREMONT, CA: As cybersecurity and regulatory compliance become the primary concerns of company boards, companies are adding cybersecurity specialists to examine security and risk problems.

Network security mesh

The cybersecurity mesh is a contemporary conceptual approach to a security architecture that enables scattered enterprises to implement and extend protection where it is most required.

When COVID-19 boosted digital business, it also accelerated the trend in which a growing number of digital assets—and people—are placed outside the traditional company infrastructure. Moreover, cybersecurity professionals are tasked with securing a vast array of digital transformations and other new technologies. This necessitates security alternatives that are adaptable, agile, scalable, and modular, i.e., those that enable the company to move into the future while remaining secure.

Cyber-savvy boards

With a rise in highly publicized security breaches and an increase in ransomware-related company disruptions, boards are focusing more on cybersecurity. They perceive it as a significant threat to businesses. They organize cybersecurity-focused committees, frequently led by a board member with security experience (such as a previous chief information security officer [CISO]) or a third-party consultant.

Consequently, CISOs may anticipate an increase in scrutiny and expectations, as well as an increase in assistance and resources.

Vendor consolidation

Today's security reality is that security leaders have an abundance of instruments. In the 2020 CISO Effectiveness Survey, Gartner revealed that 78 percent of CISOs had 16 or more tools in their cybersecurity vendor portfolio, while 12 percent had 46 or more. Too many security vendors result in complicated security operations and an increase in the number of security personnel.

Eighty percent of firms either have a strategy in place or are interested in implementing one for vendor consolidation to improve security efficiency. Large security providers are reacting with products that are better integrated. However, the merger is complex and typically takes years to do. Despite the perception that lower costs drive this trend, more streamlined operations and decreased risk are frequently more attainable.

Identity-first protection

Identity as the perimeter is a trend strengthened by hybrid work and cloud application migration. Identity-first security is not new, but it has taken on a new sense of urgency as attackers target identity and access management skills to achieve silent persistence.

Today, credential abuse is the most common breach strategy. Nation-state-level attackers target active directory and the identity infrastructure with spectacular success. Identity is a crucial mechanism for lateral mobility across air-gapped networks. The prevalence of multifactor authentication is increasing, but it is not a panacea. Identity infrastructure must be meticulously established, maintained, and monitored.