State-of-the-art cyber security technology – Roundtable
Participants:
Bart Van den Branden, Cegeka
Stijn Rommens, Security Engineering Manager Southern & Northern Europe Vectra
Steven De Ruyver, Area Sales Manager Belux Cisco
Patrick Commers, Fortinet Storyteller/Sales/Evangelist
Bart Asnot, Technical Specialist Security & Compliance, Microsoft
Mikkel Planck, Senior Sales Engineer Crowdstrike
Moderator: Ulrich Seldeslachts, CEO LSEC Leaders in Security
Actually, a full answer would be rather difficult, considering how broad the scope of the question is… So probably a better question would be: what is right for your business today, and what is your roadmap to handle emerging challenges? Then go for the appropriate “state-of-the-art” for those specific needs. Furthermore, whatever technology a company acquires must be integrated into an existing security environment… which most of the time is hopelessly complex (often with many dozens of point solutions). So, the introduction of true state-of-the-art technology requires a major rethink of your security architecture. First, establish a baseline conforming to the nature of your industry, and then go for the right state-of-the-art.
State-of-the-art
Considering the diversity of companies on the panel, many developments were mentioned. Obviously, AI and machine learning-enabled security tools are hot, but also many forms of automation (including automated responses), advanced trouble/root cause detection, enriched threat information and more.
Interestingly, specific attention was drawn to the need for and use of people in a holistic security system! State-of-the-art not only allows human experts to react faster and more appropriately to incidents, but also includes a broad security awareness among all people in a company. Actually, this is an aspect that co-determines the security maturity of a company, with state-of-the-art requiring a solid maturity. And it will also determine the potential of the company to attract the required specialists…
Sufficient data
Today, a major challenge is finding relevant actionable information on incidents in your company’s environment. It is a matter of collecting the data, the necessary aggregation and interpretation of the data… and removing all the noise! Additionally, there is the challenge of getting information from networks and processing environments you don’t own (e.g., the cloud), and of finding the information you don’t know yet but do need. That will demand a better use of existing technology, improvement of this technology and continuous vigilance regarding emerging threats.
Beyond state-of-the-art?
The future will include even more automation, with e.g. self-healing networks. Also, actionable cyber intelligence will grow in importance (in an open exchange of information). And even more important will be the need for security solutions to offer more business value. As it is, budgets are available, but all too often in the wake of an incident. This must change, with security solutions not simply repairing damage, but offering value.