In February of 2019, Gartner published their list of the top 10 security projects for 2019 – a list of security projects that security and risk management leaders need to consider implementing in order to reduce risk and achieve compliance.
As organizations grow and become more complex, the prospect of introducing new security projects whilst maintaining existing ones can be daunting. Brian Reed, Senior Director Analyst at Garner, suggests that organizations should “focus on those [projects] that can address a high degree of business impact and also have an ability to reduce a high amount of risks.”
What Are Gartner’s Top 10 Security Projects for 2019?
Here is a brief glimpse at the top 10 security projects for 2019 as suggested (in no particular order) by Gartner:
Read more here
The top row in the dark blue are projects that have carried over from 2018, stressing their importance. The second row are either completely new projects or slightly modified ones for 2019.
How Can Lepide Address the Gartner Security Projects
We (Lepide) are a data security solutions provider focused on helping organizations place data at the center of their cybersecurity strategy. Our award-winning Data Security Platform provides a base from which security teams can identify their sensitive unstructured data, see who has access to it and monitor user behavior. Specifically, using Lepide, you can address the following security projects for 2019:
Detection and Response
This is where Lepide are able to shine. Lepide offer best of breed detection and response solutions in the form of data classification, threat detection, forensics, data leakage prevention, automated response and much more.
Using the Lepide Data Security Platform, security teams can analyze user behavior related to their most sensitive unstructured data, detect anomalies in real time and execute an automatic reaction to stop any suspected threat.
Let’s take an example in the form of a ransomware attack. Let’s say that one of your users clicks on a malicious link in an email or downloads a malicious file and unleashes ransomware into your environment. The malware encrypts files by modifying the extensions. When Lepide was deployed into the environment, the ransomware detection and prevention piece was enabled to detect when an unusually high number of file modifications takes place over a short period of time. Upon detection, Lepide automatically executes a script to shut down the server, limiting the damage and stopping the attack in its tracks.
Let’s take another example in the form of an insider threat. Let’s say an end user with excessive permissions decides to copy a file that contains sensitive information (perhaps even related to a specific compliance requirement). This is the first time that user has taken that action. Lepide’s advanced anomaly detection flags an alert to the security team in real time. At the same time, Lepide reacts to the potentially dangerous event by disabling the user account and revoking their permissions.
Dark Data Discovery
Most companies store their dark data for regulatory compliance and record keeping, with some organizations believing that dark data could be useful in the future once they have better technology to process it. Gartner suggest that before you undertake and consolidation or migration of data, you need to discover and classify your data.
As Gartner point out, knowing where your dark data and where your sensitive data resides not only reduces risks to security, but also helps to achieve and maintain compliance. To do this, you’ll need to be able to see across your key data siloes (such as File Server, Exchange and Office 365) to identify where the dark data resides and classify it accordingly.
The Lepide Data Classification software enables security teams to give context to their data and separate their most sensitive data from their dark data. This allows organizations to prioritize their data based on risk and focus their detection and prevention strategy. The Lepide Data Classification Solution supports over 85 file types, comes with hundreds of predefined classification rules and templates, and can even remove false positives from the classification through sophisticate proximity scanning.
Privileged Access Management (PAM)
Privileged accounts are an attractive target for attackers. Privileged Access Management projects focus on applying the appropriate controls required to keep these accounts secure against internal and external threats.
Whilst Lepide is not a Privileged Access Management solution, there are numerous ways in which Lepide can be used to aid your PAM project. For example, the first step in any PAM project is being able to determine which accounts need to be monitored. Lepide will help you create a list of your Domain Administrator Accounts, Domain Administrator Groups, Domain Service Accounts and any other privileged accounts so that you know which users to focus project on.
On a more ongoing basis, Lepide can monitor and alert on when permissions change so that you will always be able to identify your most privileged users.
Lepide can also be used to clean-up your Active Directory of inactive user accounts by disabling them, deleting them or moving them to a different OU. This will ensure that your AD is streamlined before you attempt to get your PAM project off the ground.
There are many more ways in which Lepide can help support a Privileged Access Management project. For more information, see here