• Tech News
    • Games
    • Pc & Laptop
    • Mobile Tech
    • Ar & Vr
    • Security
  • Startup
    • Fintech
  • Reviews
  • How To
What's Hot

Elementor #32036

January 24, 2025

The Redmi Note 13 is a bigger downgrade compared to the 5G model than you might think

April 18, 2024

Xiaomi Redmi Watch 4 is a budget smartwatch with a premium look and feel

April 16, 2024
Facebook Twitter Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram Pinterest VKontakte
Behind The ScreenBehind The Screen
  • Tech News
    1. Games
    2. Pc & Laptop
    3. Mobile Tech
    4. Ar & Vr
    5. Security
    6. View All

    Bring Elden Ring to the table with the upcoming board game adaptation

    September 19, 2022

    ONI: Road to be the Mightiest Oni reveals its opening movie

    September 19, 2022

    GTA 6 images and footage allegedly leak

    September 19, 2022

    Wild west adventure Card Cowboy turns cards into weird and silly stories

    September 18, 2022

    7 Reasons Why You Should Study PHP Programming Language

    October 19, 2022

    Logitech MX Master 3S and MX Keys Combo for Business Gen 2 Review

    October 9, 2022

    Lenovo ThinkPad X1 Carbon Gen10 Review

    September 18, 2022

    Lenovo IdeaPad 5i Chromebook, 16-inch+120Hz

    September 3, 2022

    It’s 2023 and Spotify Still Can’t Say When AirPlay 2 Support Will Arrive

    April 4, 2023

    YouTube adds very convenient iPhone homescreen widgets

    October 15, 2022

    Google finishes iOS 16 Lock Screen widgets rollout w/ Maps

    October 14, 2022

    Is Apple actually turning iMessage into AIM or is this sketchy redesign rumor for laughs?

    October 14, 2022

    MeetKai launches AI-powered metaverse, starting with a billboard in Times Square

    August 10, 2022

    The DeanBeat: RP1 simulates putting 4,000 people together in a single metaverse plaza

    August 10, 2022

    Improving the customer experience with virtual and augmented reality

    August 10, 2022

    Why the metaverse won’t fall to Clubhouse’s fate

    August 10, 2022

    How Apple privacy changes have forced social media marketing to evolve

    October 16, 2022

    Microsoft Patch Tuesday October Fixed 85 Vulnerabilities – Latest Hacking News

    October 16, 2022

    Decentralization and KYC compliance: Critical concepts in sovereign policy

    October 15, 2022

    What Thoma Bravo’s latest acquisition reveals about identity management

    October 14, 2022

    What is a Service Robot? The vision of an intelligent service application is possible.

    November 7, 2022

    Tom Brady just chucked another Microsoft Surface tablet

    September 18, 2022

    The best AIO coolers for your PC in 2022

    September 18, 2022

    YC’s Michael Seibel clarifies some misconceptions about the accelerator • DailyTech

    September 18, 2022
  • Startup
    • Fintech
  • Reviews
  • How To
Behind The ScreenBehind The Screen
Home»Tech News»CISOs should spend on critical apps, cloud, zero-trust, in 2023
Tech News

CISOs should spend on critical apps, cloud, zero-trust, in 2023

September 12, 2022No Comments4 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
CISOs should spend on critical apps, cloud, zero-trust, in 2023
Share
Facebook Twitter LinkedIn Pinterest Email

Although the global economy faces troubled times, we can expect no pause in cyber threats and attacks, so CISOs must direct investment towards technologies to protect customer-facing and revenue-generating workloads, and should consider increasing or defending their investment in critical applications and cloud security, zero-trust technology and operations during 2023, according to analyst house Forrester’s Planning guide 2023: security and risk.

The Security and risk guide is part of a wider series of 2023 investment forecasts produced by Forrester, which collectively suggest IT buyers and business leaders who plan for “business as usual” modest spending increases in 2023 will find themselves falling short, and in a turbulent global economy, advises that a more disciplined and precise approach will be needed to planning in order to “trim waste, experiment, and make bold, smart investments”.

“Leaders are faced with navigating a tumultuous business landscape defined by global unrest, supply chain instability and soaring inflation, as well as the ongoing aftermath of the pandemic,” said Sharyn Leaver, chief research officer at Forrester. “Tackling 2023 budget planning is a daunting task.”

Maxim Merritt, vice-president and research director at Forrester, said the surge in breaches, ransomware, legislation and third-party requirements since 2017 has already forced executives beyond the confines of the security function to recognise how important comprehensive cyber controls really are, which has led to an increase in budget and high demand for compliance and security pros at all levels of the organisation.

But as CISOs have become more relevant, they have also begun to face more challenges, such as a growing and unwieldy list of potential technologies and suppliers, staff and skills shortages, and extensive work and customisation to integrate security solutions appropriately.

See also  How zero-trust can improve mobile security

This year and next, the macroeconomic headwinds mean CISOs will be under pressure to prioritise technologies that generate optimum value and will have their budgets scrutinised more closely.

Forrester is recommending CISOs to channel investment into these key areas of security technology:

  • API security, increasingly the de facto approach to modern development, enabling organisations to build new business models and engagement methods, but prone to breaches due to unprotected APIs and API endpoints.
  • Bot management, actively profiling incoming traffic to determine intent and protect from malicious bots – which comprised 25.6% of internet traffic in 2020 – by delaying, misdirecting or blocking them.
  • Industrial control system (ICS) and operational technology (OT) threat intelligence, which is becoming a non-negotiable buy for organisations working in sectors such as energy, manufacturing, utilities or transport.
  • Cloud workload, container and serverless security to protect the compute, storage and network configurations of cloud workloads in infrastructure- and platform-as-a-service (IaaS/Paas) environments. This market is still immature and a challenge to address.
  • Multifactor authentication (MFA) or even passwordless authentication, one of the quickest and cheapest ways to align security strategies around zero-trust principles.
  • Zero-trust network access (ZTNA), a more appropriate and agile solution to secure remote workers in a post-pandemic world than the traditional VPN.
  • Security analytics platforms, to replace legacy rules-based security information and event management (SIEM) offerings that are too easily overwhelmed by the rapidly evolving threat landscape.
  • Crisis simulations and purple teaming.

Forrester’s report goes on to suggest that CISOs may wish to consider evaluating and running proofs of concept (PoCs) in the following areas:

See also  The best free education apps for kids in 2022

Areas to consider reducing or avoiding investment in include:

  • Standalone data loss prevention (DLP), as this is increasingly a feature capability in email security and cloud security gateways, security suites, and platforms such as Office 365, making it easier to acquire and enable as part of a broader approach.
  • Standalone security user behaviour analytics (SUBA), most of which have similarly been assimilated or evolved into various services platforms alongside DLP.
  • Generalised managed security services providers (MSSPs), the capabilities of which can be focused better by shifting investment to dedicated managed detection and response (MDR) or security operations centre-as-a-service (SOCaaS) providers.
  • Indicator of compromise (IoC) feeds, which, again, are increasingly baked into other enterprise security controls.
  • Legacy, on-prem network security technology, such as standalone web gateways and network access control (NAC) – save for in specific IoT/ICS/OT use cases. Next generation firewalls (NGFWs) and ZTNA, combined with software-defined perimeters, are more powerful and integrated.

Source link

Apps CISOs Cloud Critical Spend Zerotrust
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

The Cloud Is a Prison. Can the Local-First Software Movement Set Us Free?

August 6, 2023

Apps Are Rushing to Add AI. Is Any of It Useful?

August 4, 2023

Logitech G Cloud review

July 20, 2023

The Dark Secrets Buried at Red Cloud Boarding School

July 13, 2023
Add A Comment

Comments are closed.

Editors Picks

Samsung’s Galaxy Z Flip 4 lets you do more while it’s closed

August 10, 2022

Samsung Galaxy Watch 5 review

August 26, 2022

The Quarry just got a whole lot harder in new update

August 11, 2022

How Can I Get iOS 16 Right Now?

June 25, 2022

Subscribe to Updates

Get the latest news and Updates from Behind The Scene about Tech, Startup and more.

Top Post

Elementor #32036

The Redmi Note 13 is a bigger downgrade compared to the 5G model than you might think

Xiaomi Redmi Watch 4 is a budget smartwatch with a premium look and feel

Behind The Screen
Facebook Twitter Instagram Pinterest Vimeo YouTube
  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2025 behindthescreen.uk - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.