+
EDITOR’S QUESTION
DRAGAN PETKOVIC,
SECURITY PRODUCT LEADER
ECEMEA AT ORACLE
///////////////////
P
rivacy of data remains one of the
most vulnerable resources and the
requirement to protect personal data
is only intensifying with the likes of the
GDPR and PoPI Act coming into effect. We
are likely to see steep fines being imposed
during the second half of the year as a
result of a loss of personal data through
the GDPR.
Well-run companies realise that there is no
such thing as 100% security, but still apply
prudent measures to protect their data. While
perimeter security is as important as always,
additional resources are required to protect
data closer to the source.
Organisations on their journey to the cloud
understand that while the cloud takes some
of the network and infrastructure security
headaches away, the responsibility model
for security is shared. Cloud Access Security
Brokers (CASB) are mandatory in planning
cloud security posture. Practise security inside-
out and build security in every layer of your IT.
Encryption a quick win to protect
confidential data
Understanding user behaviour
Encryption is one of the easiest technical
controls to implement and a number of
organisations opt for it as a quick win since
it requires minimum human intervention.
It has been used for decades and it leaves
me speechless that some organisations are
still not using it to protect their confidential
data. Oracle has made big efforts to make
its encryption solutions transparent to
implement with no or minimum overhead.
To combat modern security threats, many
enterprises are turning to security solutions
that leverage user behaviour analytics
(UBA). By analysing user behaviour and
forming a baseline definition of normal,
these solutions can notify IT administrators
when deviations occur.
www.intelligentcio.com
Traditional security measures based on
protocol analysis and virus signatures
continue to be part of every enterprise’s
defence system. However, these solutions
are more applicable to legacy threats than
the modern ones designed to target specific
enterprises. Traditional solutions alone simply
cannot keep up with the sophistication of
today’s attacks and hackers, nor can they
cope with savvy users w ho, for the sake of
productivity and convenience, often attempt
to bypass existing security measures and
company policies.
Traditional security measures also do very
little to detect internal threats, which are
becoming an increasing concern for many
enterprises. To improve security for both
cloud services and traditional IT, many
enterprises are implementing security
solutions that analyse user behaviour. Rather
than focusing solely on quickly identifying
attack objects such as viruses and malware
or beating the hackers to the punch with
early discovery of vulnerabilities in operating
systems or browsers, these UBA solutions
focus analysis on actions performed by
particular users, forming a baseline of normal
behaviour and continuously monitoring for
deviations from the accepted norm.
With security at the core of the modern
organisation; good governance for
managing systems and people effectively
is critical, while strong authentication and
encryption become a necessity.
INTELLIGENTCIO
29