I recently saw an article that said – “Want to enhance your cyber security and privacy? …here are more than 50 free tools to help you.”
I love the idea of having some open-source or free tools…but what concerns me is having a need for so many tools.
- AV and Endpoint security
- SIEM Security Information and event management
- Logging solutions
- Web Application Firewall
- Vulnerability scanning
- Anti-spam and anti-phishing
- Incident Response logging
- Case Management
Not to mention having your users use complex passwords and changing passwords at regular intervals, using secure remote access and encryption, using local encryption on mobile devices, 2 factor authentication, Radius, Wireless security – WEP, WPA and WPA2, mobile device management, surveillance, Ransomware protection, security policies, and if you are in an industry that is regulated…the list gets longer.
It has gotten more complex and the bad guys have sophisticated tools at their disposal to exploit your users – especially the non-IT users.
The good news is that there is technology that will assist companies in improving their security posture, their security culture and make it easier for small- and mid-size companies to meet the security challenges that exist in today’s marketplace.
There are tools that will help with automation and orchestration – that can make it easier to consume a broader spectrum of security solutions (and in some cases, eliminate those point solutions) and provide a systemic based set of techniques to help companies.
I also read two separate articles that indicated that by 2020, there would be over 1 million security analyst job openings. To address this market need, there are tech companies that are creating “virtual/artificial security analysts” to help with the need for more security expertise.