Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Data Breach
  • Using Strategic Choices to Ensure Continuous and Effective Cyber Security
  • Critical Vulnerability
  • Data Breach
  • Vulnerabilities

Using Strategic Choices to Ensure Continuous and Effective Cyber Security

5 years ago Yong Hong Ow
Using Strategic Choices to Ensure Continuous and Effective Cyber Security

Organizations are overwhelmed by the choice of cyber security tools in the market. They need to balance prioritizing and remediating vulnerabilities with managing their secure configurations. What’s more, many organizations are using hybrid clouds where they need to protect assets that are hosted both on premises and in the cloud.

This complexity requires a thoughtful approach to cyber security. Specifically, it requires that they spend some time figuring out what kind of solution they need, choosing a solution provider that fits their needs and then validating a solution before they elect to purchase it. Let’s explore these topics in greater detail one by one.

Settling on a Solution

You need a solution that you can depend on, that is able to provide you with necessary cyber security controls that minimize your exposure and improve your cyber security posture. Able to provide adequate coverage…affordable…easy to deploy…easy to learn…scalable…customizable…these are all just some of the characteristics that should factor into your decision-making process when it comes to purchasing a solution.

Simultaneously, it is important to filter out hyperbolic marketing messages from vendors, heavily-budgeted marketing channels and sponsored thought leaders’ representations, as these types of resources sometimes create an illusion of effectiveness.

Your solution-centric challenges don’t end there. They also extend to how they intend to use a solution. Even if you purchase one of the best tools endorsed by industry, poor implementation will help to ensure a poor ROI and potentially a weak contribution to your overall security posture.

You don’t want to be that company that purchases a product just for fab or compliance purposes and then lets it sit there as a “white elephant.” Instead, focus on the problem you are trying to solve. You will not go wrong. When choosing a particular security measure/tool that’s aligned with your cyber security strategy, leave it to the industry for assessment.

As Anthony Israel-Davis, Sr. Manager SaaS Ops at Tripwire, talks about in his blog, “Focusing on the critical controls that provide continuous security will be more beneficial than a breadth of tools adding noise to your system. Having enough trained staff on hand will reduce the cognitive load and ensure you have the expertise to get the value from the tools deployed.”

Deciding upon a Vendor

The choice of vendor is just as important if not more important than the solution itself. A few considerations when choosing a vendor include the following.

  • Look for a vendor with a broad product portfolio that gives you the ability to use solutions from the same vendor for various needs. Taking the time to do this makes management and enablement easier and more effective.  
  • Go with a tried and tested vendor who has been around for a while with a reputation of dependability and reliability that can provide the support necessary for you to be successful.
  • Choose a vendor with the right training, enablement, support and engagement programs that allow you to stay current with new product features. They should also be available to help you troubleshoot and resolve implementations challenges.  

Validating the Chosen Solution

Once you have identified a solution and vendor that work for you, it is important to take the step of validation. This is a multidimensional process that requires participation of various stakeholders as well as external agencies. Here are some guidelines on how to complete the validation step:

  • Find out what others are saying
    • Seek reviews from fellow industry colleagues within the same region. A vendor that is highly regarded in one country might fail to replicate same customer support in another. That is why local industry engagement and networking is so important; both will help you to obtain an accurate assessment.
    • When reading the assessments conducted by external agencies such as Gartner, Forrester or IDC, look at the overall picture such as depth of solution, complementary solutions, reputation and years in business—not just an arbitrary ranking.
    • Seek feedback from other customers who have been using the product. This will provide you with insights on things like what went well and what went wrong, how to prepare for deployment and things not to do. It can be quite beneficial.
  • Conduct a Proof of Concept
    • If possible, it is always advisable to do a proof of concept to ensure that the solution addresses your needs.

The Major Decision of Investing in Cyber security

Cyber security is an investment—and a significant investment at that, I might add. Like any major decision, you have to make sure that you have done your due diligence in order to ensure that you can reap short-term and long-term benefits. A wrong cyber security decision could spell disaster for your reputation and the future of your company. So choose well.

To learn more about how Tripwire can help with your cyber security and compliance challenges, click here.

This blog was co-authored by Yong Hong Ow and Baksheesh Singh Ghuman.

The post ” Using Strategic Choices to Ensure Continuous and Effective Cyber Security” appeared first on TripWire

Source:TripWire – Yong Hong Ow

Tags: Cloud, Critical Severity, Finance, Goverment, TripWire

Continue Reading

Previous SAP Commerce Critical Security Bug Allows RCE
Next Iranian Hackers Utilize ScreenConnect to Spy On UAE, Kuwait Government Agencies

More Stories

  • Cyber Attacks
  • Data Breach

AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack

12 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

16 hours ago [email protected] (The Hacker News)
  • Data Breach

The Buyer’s Guide to AI Usage Control

18 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

19 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

23 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

1 day ago [email protected] (The Hacker News)

Recent Posts

  • AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack
  • ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
  • The Buyer’s Guide to AI Usage Control
  • Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
  • Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT