A Gathering of Minds: The Gartner Summit
The digital business world is fluid and dynamic, getting more complex every day. So, too, is the black hat underground. Risk and security managers must stay ahead of the technology curve to be sure that their security investments are effective against the latest attack methods. The Gartner Security and Risk Management Summit, held in National Harbor, MD this week, offered thought leadership and advice on building a resilient security program. Attendees also heard about innovative strategies and emergent solutions to protect digital business. Tenable employees Schylr Greggs, Analyst Relations Manager, and Joanne Rasch, Vice President of Corporate Communications, attended the Summit and share their impressions here.
Key trends and insights
Earl Perkins, Research Vice President for Gartner, delivered an excellent presentation on the Top Trends and Take-Aways for Cybersecurity. His session summarized the conference’s messaging, key trends in the marketplace, and strategies for mitigating future threats. Perkins’ insights also echoed common themes throughout the Summit, including:
- We can no longer depend on defensive technologies; better risk-driven threat detection and continuous monitoring are essential.
- Software-defined security is just as important as physical security solutions; application resiliency must be baked into the development lifecycle.
- Public cloud security is a partnership. Cloud providers are not responsible for all aspects of security in the cloud – look to application developers/providers and your own IT department to augment cloud infrastructure security.
- Watch for the growth of cloud security brokerage services that provision cloud offerings, mediate security requirements, evaluate cloud services, and negotiate contracts between clients and vendors.
- Real time security analytics are becoming more crucial to prevention and mitigation as the frequency of malicious attacks increases.
- The Internet of Things, industrial automation, mobile devices and wearable sensors are redefining the scope of endpoint security strategies.
- Security technologies must evolve to include adaptive and context-aware solutions to fortify identity and access management, and data-centric applications.
The evolution of cybersecurity
Cybersecurity is evolving rapidly. A strong theme at the Summit was that continuous monitoring is no longer an option – it’s a requirement for digital business. Organizations must invest quickly while properly configuring tools if they are to adapt and survive in current and future environments.
In his keynote address, Cory Doctorow, Science Fiction Novelist and Journalist, noted that “Security is a process, not a product.” Defense in depth, layered defenses, and continuous monitoring all contribute to a resilient security program; no one product or solution can provide complete protection.
Look to Tenable to lead the way in continuous network monitoring and advanced threat detection.
Related Articles
How A CNAPP Can Take You From Cloud Security Novice To Native In 10 Steps
May 23, 2024Context is critical in cloud security. In a recent RSA presentation, Tenable's Shai Morag offered ten tips for end-to-end cloud infrastructure security.
Logs of Our Fathers
September 22, 2009<p>At USENIX in Anaheim, back in 2005, George Dyson treated us to a fantastic keynote speech about the early history of computing. You can catch a videotaped reprise of it <a href="http://www.ted.com/talks/lang/eng/george_dyson_at_the_birth_of_the_computer.html" target="_blank">here, on the TED site</a>. I highly recommend it - there's lots of interesting and quirky stuff. I managed to talk him into giving me a copy of his powerpoint file, and subsequently tracked him down and am re-posting this material with his permission.</p> <h3>November, 1951 </h3> <p style="TEXT-ALIGN: center"><a href="http://www.ranum.com/security/computer_security/papers/ur-syslogs/first_syslog.jpg" target="_blank"><img border="0" height="375" src="http://www.ranum.com/security/computer_security/papers/ur-syslogs/t/first_syslog.jpg" width="500" /></a> <br /><strong>Machine Log #1</strong></p>
ShmooCon 2009 - Playing Poker for Charity
February 12, 2009Tenable sponsored a booth at this year's ShmooCon and ran a Texas Hold'em table to help raise money for the Hackers for Charity organization. We raised close to $400 from conference attendees ...
CloudImposer: Executing Code on Millions of Google Servers with a Single Malicious Package
September 16, 2024Tenable Research discovered a remote code execution (RCE) vulnerability in Google Cloud Platform (GCP) that is now fixed and that we dubbed CloudImposer. The vulnerability could have allowed an attacker to hijack an internal software dependency that Google pre-installs on each Google Cloud Composer pipeline-orchestration tool. Tenable Research also found risky guidance in GCP documentation that customers should be aware of.
Cybersecurity Snapshot: Russia-backed Hackers Aim at Critical Infrastructure Orgs, as Crypto Fraud Balloons
September 13, 2024Critical infrastructure operators must beware of Russian military hacking groups. Plus, cyber scammers are having a field day with crypto fraud. Meanwhile, AI and cloud vendors face stricter reporting regulations in the U.S. And get the latest on AI-model risk management and on cybersecurity understaffing!
Microsoft’s September 2024 Patch Tuesday Addresses 79 CVEs (CVE-2024-43491)
September 10, 2024Microsoft addresses 79 CVEs with seven critical vulnerabilities and four zero-day vulnerabilities, including three that were exploited in the wild.
- Conferences