Tag Archive for: Integration

Security Integration By Design


Security integration by designBy Paul McNamara, Senior Solutions Engineer at Edgio

The finance sector’s cybersecurity threat landscape is expanding at an alarming rate. With the emergence of new attack vectors and technologies, cybercriminals are becoming increasingly sophisticated, targeting financial institutions with greater aggression and creativity. As a result, the conversation on cybersecurity within the industry becomes more critical than ever. Financial organisations must stay vigilant, updating their security protocols and investing in solutions to protect sensitive customer data and financial assets from cyber threats.

A mindset shift is required. It’s no longer a case of trying to prevent the inevitable – security must be included by design across all functions of financial organisations. To ensure that organisations remain secure, leaders must not treat cybersecurity as a separate process, but bake it into everything they do. With a major hack of a financial services payments system potentially costing the world $3.5 trillion, this has never been more important. With security involved in every step of the development process, businesses can reduce friction and mitigate the risk of creating an unsecured application.

Back to basics 

When approaching security by design, leaders need to keep things simple and cover the basics first. Develop a focus on the essential, not the exceptional. On a simple level, this means identifying anything exposed to the internet, and ensuring that it is protected. With an average data breach costing businesses $4.35 million, it represents a big loss for corporations.

The best way to ensure businesses are protected is with a holistic, end-to-end approach to cybersecurity. From basic infrastructure to DDoS protections to applications, every layer requires evaluation – and it’s not just for the threat of breaches. Holistic security solutions will protect the confidentiality, integrity and availability of your data. While a focus on threats is invaluable, keeping a website up and running proves equally important.

Having the right solutions, capabilities and processes in place is vital so that businesses can use their money and resources wisely. For instance,…

Source…

Gigamon Announces Deep Observability Integration with Amazon Security Lake | National Business


SANTA CLARA, Calif.–(BUSINESS WIRE)–Jun 8, 2023–

Gigamon, the leading deep observability company, today announced that its Deep Observability Pipeline now efficiently delivers network-derived application metadata intelligence (AMI) into Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes an organization’s security data from across their AWS environments, leading SaaS providers, on-premises environments, and cloud sources into a purpose-built data lake, so customers can act on security data faster and simplify security data management across hybrid and multicloud environments. This integration provides organizations the ability to access and analyze data-in-motion across hybrid cloud infrastructure to more efficiently and effectively secure and manage workloads, applications, and data.

The integration of network-derived intelligence with Amazon Security Lake supports important use cases for organizations seeking both completeness and efficiency across their security tools stack. With Amazon Security Lake, Gigamon can provide:

  • Security analytics based on actual data communications to completely and correctly identify any usage of vulnerable protocols, deprecated ciphers, and expired certificates
  • Forensics that compare what applications actually did with what logs report
  • A richer and deeper data set on which to base new AI-driven security analytics via tools like NDR or XDR

Gigamon uniquely leverages deep packet inspection (DPI) to extract more than 7,500 application-related metadata attributes derived from network packets. With Amazon Security Lake integration, users can centralize and gain deep observability into security data across their entire organization. The new integration helps organizations to:

  • Efficiently deliver AWS traffic to multiple security tools without installing individual agents for each tool
  • Contain excessive tool and transit costs by filtering unnecessary traffic and deduplicating redundant traffic
  • Generate NetFlow for SIEMs and raw packets for NPMs and packet sniffer tools

Gigamon is also a launch…

Source…

State Security Service opens US DITRA-supported mobile surveillance systems integration service centre


A mobile surveillance systems integration and service centre was opened in the Operational-Technical Agency of the State Security Service, with the support of the United States Defence Threat Reduction Agency, the Service announced on Sunday.

At the opening event, Koba Kobidze, the Head of the Georgian Operational-Technical Agency addressed the audience and said the opening of the centre has been “another” proof of  “dynamically” developing cooperation between Georgia and the US, noting the centre would benefit the development and improvement of the prevention and response capabilities in state and border security.

According to the US Deputy Chief of mission Rian Harker Harris, border security has been an extremely important component, ensuring the response and prevention of threats, such as harmful technologies and threat actors.

Photo: State Security Service

The event was attended by representatives of the Georgian Operational-Technical Agency, the US Embassy, the US DTRA and the Georgian Ministry of Defence, as well as the Department of Special Tasks of the Ministry of Internal Affairs and the Georgian Border Police.

The Service said the new centre aimed to assemble mobile surveillance systems for agencies involved in state security, maintenance of their components and software debugging, and noted the service centre was “fully equipped” with modern engineering and technical facilities.

The Georgian Operational-Technical Agency and the US DTRA have been cooperating since 2016 to develop information technology capabilities in the field of state and border security in Georgia.

Source…

SASE Reality Check: Security and SD-WAN Integration Journey


By: Nav Chander, Head of Service Provider SD-WAN/SASE Product Marketing at Aruba, a Hewlett Packard Enterprise company.

Today, enterprise IT leaders are facing the reality that a hybrid work environment is the new normal as we transition from a post-pandemic world. This has meant updating cloud, networking, and security infrastructure to adapt to the new realities of hybrid work and a world where employees will need to connect to and access business applications from anywhere and from any device, in a secure manner. In fact, most applications are now cloud-hosted, presenting additional IT challenges to ensure a high-quality end-user experience for the remote worker, home office worker, or branch office.

Network security policies that are based on the legacy data-center environment where applications are backhauled to the data center affect application performance and user experience negatively within a cloud-first environment. These policies also don’t function end-to-end in an environment where there are BYOD or IoT devices. When networking and network security requirements are managed by separate IT teams independently and in parallel, do you achieve the best architecture for digital transformation?

So, does implementing a SASE architecture based on a single vendor solve all of these challenges?

SASE, in itself, is not its own technology or service: the term describes a suite of services that combine advanced SD-WAN with Security Service Edge (SSE) to connect and protect the company from web-based attacks and unauthorized access to the network and applications. By integrating SD-WAN and cloud security into a common framework, SASE implementations can both improve network performance and reduce security risks. But, because SASE is a collection of capabilities, organizations need to have a good understanding of which components they require to best fit their needs.

A key component of a SASE framework is SD-WAN. Because of SD-WAN’s rapid adoption to support direct internet access, organizations can leverage existing products to serve as a foundation for their SASE implementations. This would be true for both do-it-yourself as well as managed services…

Source…