
Customer Perspective: Budget Allocation and Security Fears for 2020

 

What new line items have you added to your cloud/infrastructure/security budget in 2020?

Cybersecurity Architect at a top 5 law firm

This year, we’re allocating budget towards two specific initiatives: threat detection and threat deception. While we still take an outside-in approach to security, we have now adopted an ‘assume breach’ mindset and are focused on the components of Zero Trust to determine our strategy for minimizing the impact of a breach. We’re laser-focused on defending our critical data and applications, so a clear understanding of what “normal” looks like will help us to detect anomalous behavior more quickly. Additionally, we’re also focused on user behavior analytics (UBA) and application access and usage.

Chief security architect at a top SaaS company

As we move further into the public cloud, we’re continuing to expand our current budget with tools like Illumio, while adding new, innovative solutions to our stack. We’re investing in EDR solutions that will beat out legacy, signature-based anti-virus protection solutions and we’re in the process of implementing hash-based analysis tools and host- and network-based intrusion detection solutions, as well as a big SIEM SOC space.

Christopher Roden, Cloud Services Network Architect, Ultimate Software

The new technologies we are looking into this year are related to capacity and expansion, continued migration to public clouds for some of our DR environments, and expanding our inspection capabilities based on application processes. We just went through a greenfield deployment for a new data center build, so we’re looking to mature that infrastructure and operationalize services that have worked well in past data centers into this new environment.

From a security perspective, what keeps you up at night?

Cybersecurity Architect at a top 5 law firm

Nothing! I sleep like a baby. To be frank, nothing would surprise me at this point, but that doesn’t stop me from worrying about the time to detection and ensuring that we minimize that time as much as possible. We’re also focused on growing our team of professionally curious individuals who will further our mission to strengthen threat detection.

Chief security architect at a top SaaS company

Our company is responsible for a broad set of customer data. We’re dealing with very sensitive information and we have contractual and regulatory obligations to maintain the confidentiality of those customers. As we know, a data breach can have a lasting reputational and economic impact on an organization, so ensuring proper security is of the utmost importance to us. That said, we’re focused on designing for security as a first order of business. We’ve implemented all of the basic principles for how to design a healthy system, including least privilege, separation of duties, default deny, keep it simple, open design, controls that people will follow, and so forth. Secondly, we implement the entire set of controls that are necessary to secure data. Not just partial implementation, but the full set of controls. This includes access management, network segmentation, patching and vulnerability management, etc. Even with all these tools (and others) in place, we may still experience a breach. As we know, attackers are becoming more sophisticated and working just as fast as security teams, so it’s a constant game of whack-a-mole.

Christopher Roden, Cloud Services Network Architect, Ultimate Software

A compromise (no matter how big or small) is always a concern. Especially from the outside-in. Application-level vulnerabilities are top of mind, but our DevOps and Security teams are working closely together to minimize the possibility of a security incident.

 

 
