alphaspirit - Fotolia
For most enterprise businesses, an effective modern threat management strategy requires a two-pronged approach. Security professionals must protect against traditional threats, while also keeping an eye on future threats and vulnerabilities that may not yet have emerged.
From a traditional threat perspective, the need to satisfy regulatory and compliance requirements is a top priority for security teams. Many compliance policies specifically target the protection of sensitive data and threats from external sources. Thus, integrating a threat management strategy to mitigate risk of data corruption or theft will be of utmost importance. Developing and enforcing a strategy around compliance is straightforward in most cases. This is made possible by the amount of third-party companies with services that are exclusively designed to help businesses achieve the proper level of compliance, usually based on one or more data protection management frameworks.
Security teams would be wise to look beyond known threats addressed in traditional threat management strategies and start to plan for the security risks of the future. This process can be a major challenge for security teams. After all, it is far more difficult to create a strategy against unknown, imagined threats than the kind they deal with every day.
Emerging threats can take one of two forms: Either 1) the threat is a new way to exploit a currently implemented technology, or 2) the threat targets newly deployed software, hardware or architectures. A threat against an IoT device is one example of the latter form of emerging threat. Other emerging threat technologies include public clouds, AI and mobile device usage.
To create an effective threat management strategy, security teams must include protections for both traditional and emerging threats. However, many conclude that too much time and effort are required to manage all threats using a host of disparate IT security tools. In response, many look to unified threat management (UTM) platforms. While a UTM system cannot protect against every threat, it does consolidate several security tools into a single pane of glass product. This includes virus, malware, web or content filtering, and email protection.
Dig Deeper on Data security strategies and governance
Related Q&A from Andrew Froehlich
The difference between network redundancy and resiliency is redundancy duplicates network devices while resiliency is the self-recovery of system ... Continue Reading
Programmable video is a growing trend in the CPaaS market to integrate video with apps and websites. Learn the use cases driving adoption of ... Continue Reading
Content delivery networks and cloud computing architectures may appear to serve the same function. But each has a specific role to play when ... Continue Reading