Modern Database Architectures Demand Modern Data Security Measures

Similar documents
Evolve Your Security Operations Strategy To Account For Cloud

Mastering The Endpoint

Vulnerability Management Trends In APAC

Operationalize Security To Secure Your Data Perimeter

Build Your Zero Trust Security Strategy With Microsegmentation

Evolving Threats Call For Integrated Endpoint Security Solutions With Holistic Visibility

Supporting The Zero Trust Model Of Information Security: The Important Role Of Today s Intrusion Prevention Systems

Digital Transformation Drives Distributed Store Networks To The Breaking Point

Converged Infrastructure Matures And Proves Its Value

Business Success Through Embedded Communication Technology

Modern Compute Is The Foundation For Your IT Transformation

Red Hat Virtualization Increases Efficiency And Cost Effectiveness Of Virtualization

Predictive Insight, Automation and Expertise Drive Added Value for Managed Services

Unlock The Value Of Cloud

Run the business. Not the risks.

Unlock The Value Of Cloud: A Spotlight On IT Executives

Rethink Enterprise Endpoint Security In The Cloud Computing Era

Converged Security - Protect your Digital Enterprise May 24, Copyright 2016 Vivit Worldwide

Cognizant Cloud Security Solution

Closing the Hybrid Cloud Security Gap with Cavirin

Fact Or Fiction: The State Of GDPR Compliance

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

SD-WAN. Enabling the Enterprise to Overcome Barriers to Digital Transformation. An IDC InfoBrief Sponsored by Comcast

Best Practices in Securing a Multicloud World

Optimisation drives digital transformation

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

Enabling Zero Trust Security Through Network Virtualization And Micro- Segmentation

eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments

Oracle bakes security into its DNA

A Forrester Total Economic Impact Study Commissioned by ServiceNow January 2018

Innovation Leaders Need IT Services To Drive Transformative Outcomes

MITIGATE CYBER ATTACK RISK

Perfect Balance of Public and Private Cloud

GDPR: An Opportunity to Transform Your Security Operations

Securing The Enterprise With Machine Identity Protection

Why Enterprises Need to Optimize Their Data Centers

Enabling Hybrid Cloud Transformation

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?

Data Management and Security in the GDPR Era

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

Evolution For Enterprises In A Cloud World

IBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan

Sage Data Security Services Directory

Formulate A Database Security Strategy To Ensure Investments Will Actually Prevent Data Breaches And Satisfy Regulatory Requirements

Mobile Security: Move Beyond The Basics And Overcome Mobile Paralysis

Gaps in Resources, Risk and Visibility Weaken Cybersecurity Posture

THE POWER OF TECH-SAVVY BOARDS:

CipherCloud CASB+ Connector for ServiceNow

Fundamental Shift: A LOOK INSIDE THE RISING ROLE OF IT IN PHYSICAL ACCESS CONTROL

Cisco APIC Enterprise Module Simplifies Network Operations

Government IT Modernization and the Adoption of Hybrid Cloud

THALES DATA THREAT REPORT

THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM

Vulnerability Management. June Risk Advisory

with Advanced Protection

Moving Workloads to the Public Cloud? Don t Forget About Security.

Gain Control Over Your Cloud Use with Cisco Cloud Consumption Professional Services

Building a Resilient Security Posture for Effective Breach Prevention

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

THE JOURNEY OVERVIEW THREE PHASES TO A SUCCESSFUL MIGRATION ADOPTION ACCENTURE IS 80% IN THE CLOUD

locuz.com SOC Services

Data Governance: Data Usage Labeling and Enforcement in Adobe Cloud Platform

CISO View: Top 4 Major Imperatives for Enterprise Defense

Healthcare IT Modernization and the Adoption of Hybrid Cloud

Micro Focus Partner Program. For Resellers

How to get the Enterprise to Understand the Value of Security

COBIT 5 With COSO 2013

Making hybrid IT simple with Capgemini and Microsoft Azure Stack

INTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report.

Privilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer

Cybersecurity. Securely enabling transformation and change

Securing Your Cloud Introduction Presentation

7 Steps to Complete Privileged Account Management. September 5, 2017 Fabricio Simao Country Manager

HPE IT Operations Management (ITOM) Thought Leadership Series

Accelerate Your Enterprise Private Cloud Initiative

I D C T E C H N O L O G Y S P O T L I G H T

SIEMLESS THREAT MANAGEMENT

Cloud Going Mainstream All Are Trying, Some Are Benefiting; Few Are Maximizing Value

Securing Digital Transformation

BUILD YOUR CYBERSECURITY SKILLS WITH TRASYS INTERNATIONAL

Martijn Loderus. Merritt Maxim. Principal Analyst Forrester. Director & Global Practice Partner for Advisory Consulting Janrain

Cloud Going Mainstream All Are Trying, Some Are Benefiting; Few Are Maximizing Value

Vulnerability Assessments and Penetration Testing

2018 Report The State of Securing Cloud Workloads

IMPLEMENTING SECURITY, PRIVACY, AND FAIR DATA USE PRINCIPLES

THE FUTURE IS HYBRID. Patrick Harr. Global Vice President, Cloud Strategy and Solutions Hewlett-Packard Company

Build confidence in the cloud Best practice frameworks for cloud security

BHConsulting. Your trusted cybersecurity partner

INTELLIGENCE DRIVEN GRC FOR SECURITY

ServiceNow Indicator Based Continuous Control Management

Data Protection. Plugging the gap. Gary Comiskey 26 February 2010

2015 VORMETRIC INSIDER THREAT REPORT

Cloud Going Mainstream All Are Trying, Some Are Benefiting; Few Are Maximizing Value. An IDC InfoBrief, sponsored by Cisco September 2016

MEETING ISO STANDARDS

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Securing Your Digital Transformation

Unlocking the Power of the Cloud

CAN MICROSOFT HELP MEET THE GDPR

OUTSMART ADVANCED CYBER ATTACKS WITH AN INTELLIGENCE-DRIVEN SECURITY OPERATIONS CENTER

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Transcription:

Forrester Opportunity Snapshot: A Custom Study Commissioned By Imperva January 2018 Modern Database Architectures Demand Modern Data Security Measures GET STARTED

Introduction The fast-paced, ever-changing nature of today s world requires businesses to be more innovative and flexible than ever before to keep up with the market. As part of this, enterprises are evolving their database ecosystems through cloud and big data initiatives to enable greater agility and scalability. However, in order to maximize these benefits while minimizing risk, companies must evolve their data security practices in parallel through modern tools, such as database activity monitoring (DAM), to align with new imperatives for cloud computing. In November 2017, Imperva commissioned Forrester Consulting to conduct a study of IT professionals to explore current security and compliance challenges faced by companies who are evolving their database ecosystems through cloud and big data initiatives. The objective was to understand how companies are approaching these challenges and understand what steps they are taking to ensure greater security and compliance with their databases. DEMOGRAPHICS Region 150 respondents from US-based companies Company size (employees) 39% - 1,000 to 4,999 28% - 5,000 to 19,999 33% - 20,000 or more IT roles 28% - Operations 28% - Security and risk 25% - Enterprise architecture 19% - App dev 100% of companies surveyed are currently using big data or cloud-based database architectures.

1 2 3 Security And Compliance Are Increasingly Important As Database Architectures Evolve More and more companies today are adopting, or looking to adopt, big data and cloud-based architectures to meet growing business demands. As part of this trend, companies are also aware that security and compliance initiatives must adapt to keep pace with the nature of these new tools. In fact, over 50% of companies consider security and compliance to be significantly more important than before as they implement these new architectures.

1 2 3 Yet Companies Feel Underprepared To Deliver On Key Security Capabilities When asked how important specific security capabilities were for securing new database environments, respondents placed high importance on capabilities such as sensitive data discovery or classification, vulnerability scanning and management, and automated analytics to detect breaches. However, when asked how prepared their organization was to deliver on those capabilities, the level of preparedness was very low. This highlights a major challenge as companies know what needs to be done to enable better security, but they lack the capabilities to do so.

1 2 3 And Companies Face Similar Execution Challenges With Compliance The story is the same with compliance. Companies place high importance on compliance capabilities such as proof of compliance, report automation, and privileged user audit. However, most companies are not well prepared to deliver on those capabilities. Overall, roughly three out of four companies do not feel very well prepared to delivery on any of their most important compliance capabilities. Compliance often goes hand in hand with security, and these challenges can be very damaging if not corrected.

1 Security And Compliance Preparedness Is Impeded By Various Challenges Maintaining a secure grip on big data and cloud-based databases is a difficult thing to accomplish. These new architectures introduce challenges around data protection, governance, scale, and system compatibility. Due to loss of direct physical control over the infrastructure, where data is housed as companies move their data to the cloud, concerns are high regarding the authorization of thirdparty control/access and monitoring of company data. Visibility and ownership of large data sets are reasons for concern as well. System compatibility can also be hard for companies that are used to doing things the same way for so long. Legacy security measures may no longer be sufficient to cover new infrastructures; this forces companies to revise their approach. The lack of compatibility can lead to governance and visibility concerns, as companies struggle to ensure all systems are compatible and all data is properly protected.

1 2 New Architecture Decisions Must Be Driven By Security, Agility, and Scalability Even though many companies feel ill-prepared to deliver on new security and compliance capabilities with big data and cloud-based database architectures, most recognize that in the long run that these new architectures will enable them to be more secure and agile as a business. To achieve the benefits they want from their new architectures, companies identified their top five security and compliance capabilities which focus first on added security, but also include capabilities that enable companies to be more agile, such as automated analytics and consistent policies across databases, data lakes, etc.

1 2 Database Activity Monitoring Tools Outperform Expectations For Security And Compliance Capabilities To compensate for their preparedness gap with security and compliance capabilities, many companies are leveraging DAM tools to bring much needed visibility and control to their processes. DAM tools offer 1) monitoring of database activity to prevent internal and external fraud, 2) integration with identity directories and access management systems, 3) user activity analysis and threat detection, 4) data classification and discovery, and 5) governance to bridge monitoring and access control gaps between on-premises and cloudbased data assets. Companies initial expectation of DAM tools focuses on reducing security incidents and improving compliance, coupled with the hope of reducing time spent on security. Companies with DAM tools already in place reported these outcomes as realized; most notably with compliance and number of security incidents. The one instance where the realized benefit didn t surpass the expected benefit was with time spend on security. However, the reality is that tools such as DAM can offer greater security confidence and capabilities, but cannot be seen as a replacement for dedicated security and compliance efforts from IT teams.

Conclusion New big data and cloud-based database architectures are being adopted in greater number due to the businesses advantages they provide, particularly in regard to added business agility and scalability. However, those benefits will be quickly eclipsed by security and privacy concerns if companies are unable to properly govern, discover, monitor, and secure those databases and ensure regulatory compliance, i.e., PCI, SOX, HIPAA, GDPR, etc. Establishing a zero trust framework within the firm s data assets is impossible without controlling data, injecting identity into data assets (ownership, authorizations for the use of data, etc.), and controlling data paths on the network. To achieve the above, firms need the automation, governance frameworks, proper tools, and capabilities to help them secure their data adequately and cost-effectively in hybrid cloud and on-premises environments. Database activity monitoring (DAM) solutions play a great role in providing companies with the right visibility, control, and automation to give them the confidence they need to know their data is secure and that they meet data protection and privacy compliance regulations. METHODOLOGY This Technology Adoption Profile was commissioned by Imperva. The custom survey questions were fielded to 150 data security decisionmakers at US enterprises with 1000+ employees managers. The customer survey was completed in November 2017. ABOUT FORRESTER CONSULTING Forrester Consulting provides independent and objective research-based consulting to help leaders succeed in their organizations. Ranging in scope from a short strategy session to custom projects, Forrester s Consulting services connect you directly with research analysts who apply expert insight to your specific business challenges. For more information, visit forrester.com/consulting. Project Director Chris Taylor Sr. Market Impact Consultant 2017, Forrester Research, Inc. All rights reserved. Unauthorized reproduction is strictly prohibited. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. Forrester, Technographics, Forrester Wave, RoleView, TechRadar, and Total Economic Impact are trademarks of Forrester Research, Inc. All other trademarks are the property of their respective companies. For additional information, go to forrester.com. [1-158RF8W]

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback