SECURITY, RISK & GOVERNANCE: The Cornerstone of Digital Transformation (DX)

Date post: 21-Jun-2020
An IDC InfoBrief, Sponsored by Micro Focus | April 2020 By Chris Kissel, Research Director, Global Cybersecurity Products, IDC The Cornerstone of Digital Transformation (DX) SECURITY, RISK & GOVERNANCE US46217520TM

For Enterprises, Digital Transformation is a Necessity

According to the IDC Global DX Leaders Study (June 2019):

› 63% of organizations were “digitally distraught”

› 22% felt current DX initiatives were designed as short-term solutions

› 12% said many initiatives were “impromptu” and not tied to the enterprise

IDC believes that there are three discrete phases of digital transformation (DX):

› New technologies and delivery models

› Platforms and communities

› Autonomous systems

DX encompasses new technologies and an integrated approach to improving existing platforms. In terms of global progression, IDC also believes we are transitioning into Phase 2.

The new digital economy has four essential elements:

1. Auto passenger

2. Microgrid

3. “Last mile”

4. Open banking

DX is a “Push-Pull” Exercise in Terms of Security and Compliance

› Newton’s Third Law states, “For each action, there is an equal and opposite reaction.” Broadly, this is true for enterprises moving toward agility in DX

› Mobile and social media improve customer experience. But applying conventional security controls to these technologies is difficult. The Internet of Things (IoT) will also become problematic

› Compliance is a thorny issue. The EU General Data Protection Regulation can levy fines up to 4% of a company’s gross revenues for egregious violations

› Violations can occur in: identity handling, “the right to be forgotten”, data sovereignty, encryption of data in transit and at rest, and the depth of a cybersecurity posture

Achieving the Proper Holistic Security Posture for Modern Enterprises

› A heterogeneous network changes the security ball game

› Privileges and identities shift dynamically, making it hard for IT and security teams to keep up while keeping data secure

› Customers and contractors gain greater network interaction which creates agility – and new vulnerabilities around identity and applications

Achieving an acceptable cybersecurity posture generates various problems:

› If a customer interacts with you, they still have a right to their personally identifiable information (PII)

› Security teams need to discover where structured and unstructured data resides while keeping it secure and available only to those entitled to access it

› Containers must be accounted for and constantly reused images scanned for bugs

› The new network is every identity and the data being consumed by those identities

› Each new element of a network scales geometrically. A smart analytics approach can reduce alerts into a single version of truth

Data Security Considerations

› DISCOVERY: Data can be stored on or off premises and in different places in a server array, so discovery is essential

› CLASSIFICATION: Structured and unstructured data need to be handled differently. Classifying data is key to applying the proper compliance controls

› ENCRYPTION: Both data at rest and data in transit require encryption

› OBFUSCATION: Properly obfuscated data can be anonymized and collated for insights. If an adversary gains access, they only have obfuscated records

› DATA ACCESS MANAGEMENT: Enforcing and limiting data access is as important as protecting the data itself

› DATA LIFE-CYCLE MANAGEMENT: True life-cycle management includes what data to segment for analytics, where to allocate data for storage, and when and how to properly dispose of data

› COMPLIANCE: Proving compliance while governing data from creation to disposition is critical

› FILE ANALYSIS: File analysis software is important. File integrity creates the legal bond between entities and, if files are compromised in any way, it can create failures in an application. File or artifact alteration is an Indicator of Compromise (IOC)

Why Application Security is Important

› Applications create velocity in DX. By 2024, IDC estimates there will be 500 million microservices

› An organization needs a full set of release orchestration procedures, so an application is signed and certified to deploy in a live production environment

› To build applications and microservices, an enterprise requires both rigid, kernel-level static application security testing (SAST), and dynamic application security testing (DAST)

› Problems with an application post-production are 10x more expensive to fix than pre-production errors

Endpoint Protection is its Own Dynamic

› Security must be optimized and applied automatically across all endpoint types and platforms at the first instance of connectivity

› For endpoint security, cybersecurity and privacy go hand in hand

› Endpoint visibility is a fundamental cybersecurity concern. Changes in memory or registries can signal an IOC, which can be observed if a zero-day threat is detonated

Augmenting Versatility Within the Next-Gen Security Operations Center (SOC)

Security infrastructure is a big challenge. Without suitable technology, team, and threat intelligence integration, organizations will not be equipped to:

› Monitor threats and lower false positives

› Prevent attacks

› Scale with agility to match threats as they grow and diversify

› Ensure the network is safe after remediation and cost governance

Siloed endpoint protection amplifies security gaps. Attack surface minimization, adaptive threat prevention, and guided incident response and threat hunting should be part of an orchestrated solution and fortified with tailored and real-time context on threats and business implications.

SIEM can be central to orchestration, automation, IT ticketing, or case management.

Considering Micro Focus

Few vendors can support defense against breach, secure DevOps and the SDLC process, guard the privacy of individuals and their data, and enable compliance with worldwide regulations at enterprise scale. With a broad set of integrated security, risk, and governance solutions combined with deep domain expertise and analytics, Micro Focus can help organizations take a holistic approach to protecting data, identities, and applications and evolve for the future.

› For applications, Fortify STAT can monitor code as it is written in preproduction. Fortify on Demand (DAST) can run scans to look for bugs in code post-production

› Functional testing of apps is also possible before production

Facilitating Security at the Endpoint and in the SOC

› Cybersecurity requires the right tool for the right job

› With SOC analytics, Micro Focus believes the best security posture comes from a strong human-machine collaboration

› ArcSight can become the backbone of the SIEM, and Interset’s analytics can help provide reliable incident alerts, meaningful insight, and anomalies beyond rule- and role-based detections. Interset uses unsupervised machine learning (ML) to track normal behavior across identities and filter out false positives to help SOC analysts focus on real threats. The pairing of ArcSight and Interset helps identify leads for investigation and refine alerts with context for SOC analysts and threat hunters

› Endpoint protection can immediately:

• Apply endpoint controls (place onto a guest network, isolate in a sandbox, or take offline and reimage)

• Revoke access privileges

• Ask a user to reauthenticate

› NetIQ can shut down a session that might be suspicious.

› For endpoint security, Micro Focus has ZENworks Endpoint Security Management

Challenges

› Micro Focus products address Enterprise DevOps; Hybrid IT Management; Security, Risk, and Governance; and Predictive Analytics

› With security, it is fair to ask if Micro Focus tools are as effective when other platforms are integrated with its own platform — that is, do they “play well with others?” There are a number of cross-product integrations available today with more on the road map

› The company’s tools are designed for an enterprise approach but may not be designed for small and mid-sized business security operations

› Micro Focus starts with code protections in the CI/CD pipeline and follows process through SIEM and data protection. A consideration is whether the platform can adapt to new mediums such as the Internet of Things (IoT) and 5G broadband

The protection and obfuscation of data is a security necessity. However, anonymizing data and applying analytics helps with predictive analytics. Micro Focus needs to walk the fine line between protecting and utilizing data.

True End-to-End Enterprise Protection is a Mindset

› The new network perimeter is about identities, apps, and data

› An enterprise must have tools protecting each component while enabling a multifaceted strategy that:

• Begins protection in the DevOps environment

• Emphasizes data discovery and protection

• Monitors applications

• Protects endpoints

• Optimizes the SOC investigation process using ML and automation

› Identities include humans, devices, services, IoT, and web sites, to name a few. Privileges change so fast that it is difficult for IT and Security to stay ahead while keeping data secure

› An enterprise would be wise to think of compliance, data, endpoints, identities, and applications as interlaced and continuous

Message from the Sponsor

With Micro Focus you can:

• Identify, protect, detect, respond to, and recover from incidents—reducing your overall risk profile and creating a modern, secure IT ecosystem

• Maintain data privacy, mitigate the impact of data and application breaches, and monitor threats for compliance audit visibility

• Apply effective risk management practices at all levels, aiding senior decision-makers with greater visibility regarding responsibility and accountability and providing automated controls

• Apply data and identity governance policies, detect and respond to data breaches, and optimize backup and recovery—and, ultimately, protect data in use, in transit, and at rest

• Jumpstart your application security journey in a single day and scale as your needs grow

Micro Focus specializes in finding and protecting sensitive data, detecting advanced threats, and helping customers adapt and evolve their security posture for the future.

For more information, visit us at https://www.microfocus.com/srg

