Members of the IT Central Station community are always happy to take a few minutes to help other users by answering questions posted on our site.
This week, some interesting topics came up, including whether using just one vulnerability analysis tool is enough, how AI is improving security, and what businesses can do to improve their security posture.
Here’s a snapshot of some of the answers that our IT Central Station members shared:
One of our users, Ludwing Caviedes, wanted to know if using only one vulnerability analysis tool would mean missing some threats. Other users came through with great insights, mostly recommending a multi-tool approach to vulnerability analysis.
Avraham Sonenthal said, “No single product will detect all vulnerabilities. That is why in security we use the concept of “defense in depth”. George Fyffe echoed this sentiment, and noted, “a better approach is to start by assessing what you absolutely must protect to protect your business. Work out what is critical and how it can be compromised. Then select tools to help you mitigate the risks.” Sonenthal recommended using a Next Generation Firewall such as Palo Alto or Cisco Firepower, coupled with Endpoint protection like Symantec Endpoint Security. He also suggested using Network Access Control, such as Forescout, ISE, and Aruba Clearpass.
Users weighed in on this question, noting the ways in which AI has improved cybersecurity. One user, the Head of Security at mid-sized enterprise Insurance Company, who is on the leaderboard for Network Traffic Analysis and Network Detection and Response, noted, “Efficiency has definitely improved, tool sets that I’m familiar with are becoming more accurate with alerts and identifying the unusual. This was never the case a few years ago, where signature and full packet inspection was the only real method of reactive detection. AI has definitely pushed user behaviour to a new level which was nearly impossible to accurately baseline previously.”
Users answered this question with some really helpful tips for businesses to improve their security.
Shaik Sayeed noted, “Always evolving your technologies with security threats and trends is needed, similarly user awareness of security is a key.” He suggested that businesses with limited budgets should focus on getting a Next-Generation Firewall, and improve endpoint protection with a top EDR tool and email security. Ricardo Granados highlighted the importance of performing vulnerability assessments on all devices, using a tool like Tenable Vulnerability Management.
Norman Freitas made an important point, noting that security problems start at the senior level, like having an Open USB port, and no ‘Clean-Desk’ policy. He emphasises that awareness of security issues is key, and that improving security is not just about tools, but rather a mindset.
Thanks, as always, to all the users who are taking the time to ask and answer questions on IT Central Station!
IT Central Station is here for you, to learn and help your peers. In a market full of vendor hype, we enable you to get real, unbiased information from people like you.
Do you have a question that you’d like to ask our IT Central Station Community? Ask now!