News in the Channel - issue #13

NETWORK SECURITY

is critical to assume that internet-facing bastions will at some stage get breached, so ensure that segmentation, controls and monitoring are in place to contain and detect any such compromise.” Continuing threats Matt says that network threats will continue to become more prevalent and increasingly sophisticated. “AI is already helping threat actors with things like high-quality phishing lures and optimised targeting of user populations,” he says. “It will continue to become even more powerful as solutions grow and mature, helping attackers to create exploit code with a high degree of automation once patches are released, putting even more pressure on patching cycles for system and network administrators alike. “AI is becoming critical for defenders, too, with solutions maturing fast that can help analysts zero-in on the alerts that really matter, while unsupervised machine learning continues to play a key role in detecting and surfacing anomalous activities and behaviours across network and cloud environments. Expect to see a lot more AI-powered security solutions, updates and announcements in the coming year.” Mike adds that threat actors will continue to exploit organisations that have adopted new ways of working, such as hybrid or remote, but that have not yet evolved their network security to support this. “Sadly, in these scenarios, it is only post-breach that budgets become available for security projects,” he says. “In addition, as organisations adapt to new ways of working, more and more will be turning to approaches such as zero trust to help protect and secure their people, brand and assets. The challenge they face, however, is resource and availability, knowing where to start and what to do next. A credible zero trust gap analysis assessment can help understand their current position and where to invest next for the highest return.” Cybersecurity demands adaptability. Resellers should proactively discuss how organisations are responding to the latest threats and inquire about strategies to safeguard new cloud-based eCommerce platforms or finance systems. “ ”

CONTINUED

Mark agrees that resellers should initiate conversations with their customers and seek to assess existing security measures, identifying potential vulnerabilities and gauging the overall resilience to cyberthreats. “Once the current standpoint is clear, resellers can then highlight the value that enhanced security can bring to the business,” he says. “This could include improved protection against evolving threats, safeguarding sensitive data and ensuring compliance with industry regulations. Establishing these points helps tailor security solutions to the specific needs of the customer and emphasises the tangible benefits that come with it.” Resellers also play a crucial role in ensuring organisations stay ahead of emerging cyberthreats. “It's imperative for resellers to engage in conversations that address the current and future landscape of network security,” Adam says. “Cybersecurity demands adaptability. Resellers should proactively discuss how organisations are responding to the latest threats and inquire about strategies to safeguard new cloud-based eCommerce platforms or finance systems.” Spencer adds that resellers should look to educate customers about the proposed security solutions, while evaluating the efficacy of their network security protection measures. “Subsequently, a comprehensive discussion is held regarding the security budget and aligning it with the customer's expectations,” he says. “Throughout the implementation process, a commitment to open and transparent communication is upheld, ensuring regular updates on progress are shared. This commitment extends across the entire lifecycle of the implemented solutions, fostering a collaborative and informed partnership between the client and the security service provider.” It is also critical to stay up to date with the defensive technologies deployed and the firmware and software which runs on, or underpins, these platforms, Matt says. “Focus on minimising the number of internet-exposed services and applications, while protecting those which must be exposed using an independent combination of active defence and passive detection. Time and again, we see organisations being compromised due to an unnecessarily exposed remote desktop solution, or by an out-of-date VPN gateway. Even exchange server compromises are still prevalent for those who have not completed cloud migrations. Finally, architecturally, it

Matt Aldridge principal solutions consultant

opentext.com

Ryan Kunker senior director of channels and alliances

picussecurity.com

431062

Powered by