As cyber attacks today become more sophisticated, harder to detect, and have the ability to bypass traditional security tools, it is becoming increasingly necessary for enterprises today to assess their overall security strategy, which could encompass detection, remediation and prevention capabilities in a platform rather than viewing them in silos.
In a recently released whitepaper, Frost & Sullivan outlined their latest concept for holistic enterprise security, defined by the acronym 'TRACE', which stands for Threat Response, Adaptive, and Core Ecosystem.
Threat Response refers to the need for a holistic approach to react towards threats through prevention, detection and remediation.
On the other hand, Adaptive means allowing security tools to gather intelligence and real-time analysis to provide a predictive perspective in the environment, meeting various form factors such as virtual, on-premise or used in the cloud.
Lastly, Core Ecosystem refers to an essential platform that enterprises need to adopt, which combines both human expertise and technological capabilities.
TRACE essentially represents the key components comprising access management, various security solutions towards endpoints, web assets, cloud and mobile applications, content security for email and web, integrated security appliances and advanced threat protection in the network, balanced with human factor mitigation, vulnerability management, and security analytics.
According to Edison Yu, Head, ICT Enterprise division, Frost & Sullivan, Asia Pacific, the constantly evolving nature of the enterprise landscape brings about the possibility of random and stronger threats.
"Enterprises are increasingly finding it a challenge to keep up with the dynamic cyber threat landscape, as threat actors multiply both in terms of numbers as well as the sophistication of attack methods used. This has further heightened the need for C-level executives to have a clear and strategic approach towards their organisation's cyber security setup," he explained.
End users will now be able to use TRACE to identify the potential components they need in the enterprise, using it as a guide to assess their current situation and define the other essential components they need to improve in their ecosystem.
Security vendors also need to consider moving their investments into establishing a more holistic approach to not only strengthen prevention tools, such as penetration testing solutions, but also develop a full detection and remediation strategy for the user.
In the different phases of risk management, TRACE aims to provide assessors with insights into the critical features and identify future vulnerabilities to help build and deploy a holistic security strategy to tackle the ever-evolving threat landscape.
Sign up for Computerworld eNewsletters.