What the Heck? What does this mean?
This is where we discuss technology and how it fits your organisation. We map each technology to the NIST CSF guidelines and give it a star (⭐️) rating from ⭐️ to ⭐️⭐️⭐️⭐️⭐️ for solution complexity. Every environment is different, so please take these only as a very basic guide.
Advanced Managed Detect Response (AMDR)
CSF framework: 2. Protect; 3. Detect; 4. Respond. Cyber Maturity Level:⭐️⭐️⭐️
MDR is the next generation of cyber security detection and response solutions on the market, targeting breaches and other malicious activity. eXtended Detection and Response (XDR) stood for an extended range of detection capability (network and other devices/sources of data), and AMDR will take over where XDR leaves off.
Client Access Security Broker (CASB)
CSF framework: 1. Identify; 2. Protect; 3. Detect; 4. Respond. Cyber Maturity Level:⭐️⭐️⭐️
A Client Access Security Broker, or CASB for short, is an important component in an enterprise organisation. It provides 1. Identify; 2. Protect; 3. Detect capabilities for the organisation under the NIST CSF model. It does this by inspecting traffic sent to and from the Internet, either just the source and destination or through deeper inspection of the contents of the data transmitted between source and target.
Controls vs. Control functions
Cyber security planning
Getting your terminology right is extremely important, and I, for one, have made this error before. Control – Anything directly or indirectly used that affects the frequency or magnitude of a loss. Control Function – How a control directly or indirectly affects the frequency or magnitude of a loss.
Data Leakage Protection, preventing loss of data
CSF framework: 1. Identify; 2. Protect; 3. Detect. Cyber Maturity Level:⭐️⭐️⭐️⭐️
Who owns the data? Does the business expect SecOps or IT to manage it? (Hint: very often “yes”) Where is the budget for managing the DLP solution coming from after implementation? Is the business going to accept the inconvenience of DLP rules “upsetting” their daily workflows? Will the business get sufficient value from the ongoing investment? What data needs “Loss Prevention”? Is there a better way to do DLP, because maybe the business only needs to protect against accidental emails etc.? (Hint: often yes)
e(x)tended Detection and Response (XDR)
CSF framework: 2. Protect; 3. Detect; 4. Respond. Cyber Maturity Level:⭐️⭐️⭐️
EDR, XDR – NDR
With the uptake of cyber security solutions by clients globally, it was only a matter of time before EDR tools became mainstream for customers, as they are today in 2022. NDR is also starting to make progress towards mainstream adoption in 2021, as detailed in the image below.
End Point Protection (EPP)
CSF framework: 1. Identify; 2. Protect. Cyber Maturity Level:⭐️
Organisation type: All organisations need End Point Protection
Endpoint Detection and Response (EDR)
CSF framework: 2. Protect; 3. Detect; 4. Respond. Cyber Maturity Level:⭐️⭐️⭐️
Endpoint detection and response solutions are now a mainstream cyber security solution for organisations with a moderate level of cyber security maturity. An Endpoint Detection and Response (EDR) platform helps an organisation with 2. Protect; 3. Detect; and 4. Respond on the NIST CSF.
Identity and Access Management (IAM)
CSF framework: 1. Identify; 2. Protect. Cyber Maturity Level:⭐️⭐️⭐️
Of the many technologies available to organisations today, Identity and Access Management, or IAM, is arguably one of the most mature of all. Legacy companies such as IBM, CA, Oracle and Microsoft, and newer innovators such as SailPoint, have been providing Identity and Access Management solutions for several years and this market is mature and the problem…
Managed Detection and Response (MDR)
CSF framework: 2. Protect; 3. Detect; 4. Respond. Cyber Maturity Level:⭐️⭐️⭐️
Detection and Response, or it may be eXtended Detection and Response; this depends on the solution provider of MDR. Newer solutions now exist, termed Advanced Managed Detection and Response, which merge MDR with additional capabilities to provide advanced detection and response.
Marketectures are not what the Client Needs
The security reference architecture document recently released by Microsoft is a glaring indictment of where the cyber security industry is in 2021: a sprawling cityscape of vendors spruiking their “Better Mouse Traps” (thanks Bryan). Organisations have massive spaghetti junctions of interconnecting applications, services, users and platforms. Familiar with the below? This was my life…
Multi Factor Authentication
CSF framework: 2. Protect. Cyber Maturity Level:⭐️
If your organisation does not use Multi Factor Authentication yet, then read on before you do anything else. Next, ensure you get Multi Factor Authentication implemented ASAP, for the sake of your job and your business. The Problem: Passwords are not secure in isolation; they need to be remembered and they need to be changed…
Privileged Access Management
Privileged Access Management: cyber attacks still often operate primarily on the premise that a logged-in user has privileged access to their workstation or laptop. This aspect has never changed, despite platform providers ‘improving’ their security models over time.
Privileged Access Management (PAM)
CSF framework: 1. Identify; 2. Protect; 3. Detect. Cyber Maturity Level:⭐️⭐️⭐️⭐️
This is what PAM solves: the admin account problem. All account passwords need to be managed, so how do you do this? For administrative accounts, PAM is your answer.
Secure Access Service Edge (SASE)
CSF framework: 2. Protect; 3. Detect. Cyber Maturity Level:⭐️⭐️
Single Sign On (SSO)
CSF framework: 1. Identify; 2. Protect. Cyber Maturity Level:⭐️⭐️
…credentials, that credential is able to be used by each system querying a central system (authentication service) to provide the user access to a service or system. This is different from a password manager or “screen scraping”, where a user name and password are “replayed” into the session.
Zero Trust Network Architecture (ZTNA)
CSF framework: 1. Identify; 2. Protect. Cyber Maturity Level:⭐️⭐️⭐️