2020 will be seen as one of the most consequential years in any security professional’s career. For many, there will be a bright line dividing how things were before the pandemic from how they are now.
A Splunk global survey of 535 security leaders found that the next great security challenge is cloud complexity—including shifts in workloads, new software development models, remote work and heterogeneous public cloud usage.
To help leaders tackle these obstacles, Splunk offers a step-by-step guide.
Four Ways To Strengthen Your Security Strategy
Modernize
Consolidate
Adapt
Collaborate
Modernize The Security Operations Center
Security teams need a cutting-edge security operations center (SOC)—with the right combination of training and key technologies, including:
• Security operations process automation: You can’t have human analysts respond to every attack. Instead, they can write the rules so that automated solutions identify and respond to those attacks without human intervention. Security orchestration, automation and response (SOAR) and user and entity behavior analytics (UEBA) are key tools.
• Modern security information and event management: SIEM systems offer full visibility into activity within your network, empowering you to respond to threats in real time.
53% of security leaders say there’s been an increase in attacks during the pandemic.
“Analytics tools and a greater reliance on data insights help level the playing field for security analysts.”
Yassir Abousselham, Chief Information Security Officer, Splunk
Consolidate Your Data
A modernized SOC—with its arsenal of tools and customizations—can make it challenging to understand data from multiple sources. In a complex, multicloud, multiservice environment, it’s essential to be able to see across all that data—not just traditional security data.
A consolidated view of the data creates a single source of truth for security and IT teams. This highest-level, end-to-end perspective is vital not only to security and compliance efforts but to successful development and operations as well.
75% of cloud infrastructure users are now in a multicloud environment.
87% expect to use multiple cloud service providers two years from now.
“Adoption of cloud-based applications is best secured through single sign-on and multifactor authentication, because you just can't effectively scale account security using passwords alone.”
Yassir Abousselham, Chief Information Security Officer, Splunk
Adapt To New Supply Chain Threats
A crucial aspect of upgrading security strategy is the ability to see suspicious lateral movement within your networks. Whether bad actors sneak in through a vendor’s software patch or an employee’s stolen credentials, you’ll want to be able to spot them as they slither through your network looking for the goods.
Strong passwords, effective multifactor authentication and avoiding single sign-on solutions are key to this strategy. Organizations need a modern SOC, and a well-defined and closely monitored identity policy with strong enforcement and monitoring, to implement those tools.
How security leaders are fending off supply chain threats:
• 35% will conduct more security controls audits
• 30% will scan software updates more frequently
• 26% will ramp up multifactor authentication
• 27% will increase penetration testing
Leverage Collaboration
Disaster response to COVID-19 required quick action and drove greater security-IT collaboration. Security teams should continue to build on this development. At its most fully realized, this approach will help organizations shift toward a DevSecOps environment, which melds the three interrelated disciplines—development, security and operations—that often aren’t as interrelated as they should be.
DevSecOps aims to reduce friction between the groups by creating shared goals and measurements. This provides an opportunity for security automation and introduces security earlier in the development process.
88% of respondents say security spending will increase at their organizations.
