Best Practices

CyberSecurity Services: Industry Innovation Accelerator

Our CyberCloud Services are intended to offer small and large organizations the full suite of capabilities they need to protect themselves from all manners of online threats.

With the world of cyber threats continually and rapidly evolving, and the scale and complexity of Cloud environments these days, there is an equally large and continually evolving opportunity for innovative new niche solutions in this sector.

Industry Taxonomy

The purpose of this article is to provide a rolling taxonomy and industry overview, to help buyers understand the landscape, what security capabilities they may need and where vendors fit within this landscape.

Capability Features Vendors
Cloud Security Cloud Security is the technology and best practices designed to protect data and information within a cloud architecture.
Cloud Firewalls cloud firewall protects cloud infrastructure from attacks, just as a traditional firewall protects on-premise networks. AWS Network Firewall provides organizations using AWS with a centralized method to implement security measures and policies across VPCs and accounts.
Cyber Attack Protection Technologies and practices to prevent attempts by cybercriminals to disable computers, steal data, or use a breached computer system to launch additional attacks.
Security Testing Security testing is a process intended to reveal flaws in the security mechanisms of an information system, including Penetration Testing and Vulnerability Scanning. Intruder is an online vulnerability scanner that finds cyber security weaknesses in your digital infrastructure, to avoid costly data breaches.
Email Security Email security helps protect an organization’s attack surface from cyber threats that use email account attack vectors such as phishing and spam to gain unauthorized access to the network. FortiMail delivers AI-powered, multi-layer protection against the full spectrum of email-borne threats.
Cyber Deception Deception technology is a category of cyber security defense mechanisms that provide early warning of potential cyber security attacks and alert organizations of unauthorized activity. – Lupovis offers ‘Snare‘ – Deception as a service.
Identity Management Ensure that authorized people – and only authorized people – have access to the technology resources they need to perform their job functions.
Privileged access management (PAM) PAM consists of the cybersecurity strategies and technologies for exerting control over the elevated (“privileged”) access and permissions for users, accounts, processes, and systems across an IT environment. – One Identity offers Safeguard for Privileged Sessions.
Data Security Data security is the process of safeguarding digital information throughout its entire life cycle to protect it from corruption, theft, or unauthorized access.
Cryptography Cryptography is used to keep messages and data secure from being accessible to anyone other than the sender and the intended recipient. – Entrust offers Cryptography as a Service.
E-Signatures A digital signature is an electronic, encrypted, stamp of authentication on digital information such as email messages, macros, or electronic documents. A signature confirms that the information originated from the signer and has not been altered. – Acronis offers a Blockchain-based notary service.
Content Security Content security deals with the nature of the information being accessed, detecting and actioning illicit content like terrorism and child abuse. – Cyacomb scans digital content at scale, finding and flagging harmful content while protecting database security and user privacy.
Monitoring and Response Continuously monitoring a computer network or system to detect and prevent cyber attacks, with an incident response plan that outlines what an organisation should do in the event of a data breach or other form of security incident.
SIEM A SIEM solution is security software that gives organizations a bird’s-eye-view of activity across their entire network so they can respond to threats faster—before business is disrupted. – Defence.com offers a managed SIEM service.
EDR Endpoint Detection and Response (EDR) continuously monitors end-user devices to detect and respond to cyber threats like ransomware and malware. – Sophos offers Intercept X Endpoint.
Dark Web Monitoring Dark Web Monitoring is a service which regularly searches places on the dark web where information is traded and sold, looking for your information. LastPass monitors your email addresses continuously within a database of breached credentials and immediately alerts you via email if they have been compromised.
DevSecOps DevSecOps is the practice of integrating security testing at every stage of the software development process.
Automatic code scanning Automatically eliminating bugs and vulnerabilities at source and creating more secure software. GuardRails eliminates vulnerabilities at source, educates developers in real-time, minimizes the security bottleneck, and helps organizations go faster to market.

digitalscotland

Editor of DigitalScot.net. On a mission to build a world leading Scottish digital nation.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button