SAAS SECURITY
CONTINUED
Trends There are several distinct trends in the market currently in the ongoing battle to keep ahead of cybercriminals. “SaaS security is moving toward continuous, automated checks that adapt as new threats emerge,” says Akhil. “Tools like SaaS Security Posture Management (SSPM) are becoming essential, continuously monitoring for common vulnerabilities like misconfigurations. Meanwhile, attackers are using AI and layered attacks to exploit weak spots in APIs and authentication. Staying ahead requires predictive, real-time monitoring that can detect and address risks before they escalate.” Vimalraj says that there is an upward trend in security spending, which underlines a growing recognition of high-profile attacks and sophisticated cyber fraud tactics,” he says. “It’s likely that businesses will devote more funds to the adoption of cutting-edge security technology, like cloud security solutions and AI-driven threat detection, as new threats emerge. In SaaS, these robust cybersecurity measures can help mitigate risks and safeguard sensitive information.” Pieter Vanlperen, CISO at Own Company, adds there is increasing focusing on advanced threat detection, zero trust architecture and AI-driven solutions to keep up with sophisticated cyberthreats. “As cybercriminals employ increasingly advanced tactics, it’s challenging for businesses to stay ahead, particularly as the attack surface grows with more SaaS integrations,” he says. “Tools like SSPM, automated attack surface scanning, IAM, and zero trust are now essential. Despite these advancements, keeping ahead of attackers remains challenging due to their adaptive methods, prompting a high demand for continuous monitoring, drift detection and correction, and proactive threat intelligence.”
Security CMS When it comes to SaaS such as a CMS there are many steps businesses can follow to prevent attacks, says Sebastian Gierlinger, VP of Engineering at Storyblok. “This includes making sure that the CMS platform’s access control and encryption features are turned on and configured correctly,” he says. “This is not only true for CMS systems but for almost all internet-connected services. “Provide employees and content contributors with only as much ability to access or change the content as they require. In most organisations, very few people need the ability to add, delete, or change content, or to modify other users’ access privileges. “When employees leave, turn off their CMS access immediately and have procedures in place to handle offboarding properly. “Design the system so that the servers containing the content cannot be accessed except via the CMS platforms, to separate assets and limit the damage that can be caused.” Reseller conversations When talking about security for SaaS solutions, there are various things that resellers should be highlighting to customers. “It’s important that resellers are aware of their producer’s security initiatives. We are now at a point where security sells,” says Adam. “Buyers will actively pursue evidence of security measures and even mandate it. Certainly, with the advent of DORA and other acts, we will see financial entities demand evidence of their security initiatives, activities and assessments.” Vimalraj agrees that resellers need to have in-depth discussions with customers to build understanding and trust. “This includes assessing each client's unique security risks and industry-specific vulnerabilities, clarifying the importance of regulatory compliance with standards
Sophie Sayer sales director
itgovernance.co.uk
Chris McKie VP, product marketing – security and networking solutions
kaseya.com
CONTINUED
www.newsinthechannel.co.uk
27
Powered by FlippingBook