informa
Slideshow

7 Modern-Day Cybersecurity Realities

Security pros may be working with a false sense of security. We explore seven places where old methods and techniques have to change to keep their organizations safe.
Are the Cloud Apps You Build Really Secure?
Companies Can Shift Left but Still Must Shift Right
WAFs and Gateways Won't Fully Secure APIs
Traditional Patch and Vulnerability Management Tools Won't Secure APIs
Basic Awareness Training Falls Way Short -- Especially For Engineers
Just Buying a New Tool Doesn't Make the Company Secure
Companies Rolling Out IoT Products Don't Always Focus on Security
1/7

Move to the cloud. Shift left. Buy the latest XDR and deception tools. The technology and cybersecurity industry has always been susceptible to marketing hype, but do these moves actually make their organizations more secure? Or do they just add more complexity?

With all the major hacks, from SolarWinds to the issues with Microsoft Exchange, how can security pros sleep at night? They may think they are doing the right thing, but are they operating with a false sense of security?

Michael Isbitski, technology evangelist at Salt Security, says security pros have to focus more on securing the application programming interfaces (APIs) that power many of these tech strategies. From hosting internal cloud apps to relying on gateways and traditional patch management tools, the old methods don't focus enough on API security – and the APIs are susceptible to attackers.  

"With so much at stake, businesses need to humbly accept that they have been overly confident in these security approaches and tool choices," Isbitski says. "They should seek to update their tooling and processes accordingly to address modern threats."

We've compiled seven tips to help security pros sort out what they need to think about as they deploy many of these evolving security concepts and technologies.

 
Next slide
Recommended Reading: