Cybersecurity & the New Threat Landscape

A shift towards modern computing infrastructures and architectures, particularly those deployed on the cloud, and which use microservices, has shaped and continues to shape the modern understanding of cybersecurity. In this context, cyber threats/risks and mitigation thereof mean adopting layered approaches to ensuring the safety of increasingly complex and multifaceted structures.
 
But what are the key segments within cybersecurity?
 
Cloud Security
 
Cloud security refers to policies, controls, and solutions deployed to ensure safety of the entirety of, and mitigate weaknesses in, distributed virtual infrastructure, applications, and data. This includes SaaS products, such as Microsoft 365 and Google Drive, PaaS (Platform-as-a-Service) products, such as Windows Azure, and IaaS (Infrastructure-as-a-Service) products such as AWS (Amazon Web Services).

The rise of cloud computing and shared responsibility models between users and cloud providers had led cybersecurity vendors to develop cloud-orientated or cloud-first services and products. Migration of critical enterprise applications and data to cloud, coupled with remote/hybrid working, brought cloud security to the fore, with solutions not only aimed at prevention and mitigation of threats and cyberattacks but also remediation and recovery of system components and data.
 
DDoS (Distributed Denial of Service) Security
 
DDoS attacks are a type of persistent cyberattack to applications, servers, services, or networks to distract or overwhelm it by sending rapid and continuous online requests via multiple infected devices (bots) and/or networks (botnets), flooding the bandwidth with fake traffic. Thereby, attackers deny the access of legitimate users to services.
 
These attacks often serve as front or first-stage attacks to detect and exploit the weaknesses in servers, with attackers aiming to obtain sensitive customer data and/or access critical infrastructures. DDoS security, thereby, refers to dynamic solutions and measures deployed to detect and mitigate these attacks, protect servers and networks, and minimise business downtime.
 
Email Security
 
With the advent in remote working, email has arguably become one of the main vectors for cyberattacks, with phishing, BEC (Business Email Compromise) and other forms of attacks, such as those including malware and ransomware, which can lead to large-scale data breaches.
 
Email security, therefore, refers to various solutions and broader policies to protect email accounts and content against compromises, unauthorised access, data loss or theft. Email security solutions are increasingly incorporated into cloud security solutions, as email is an essential asset to be secured.
 
Endpoint Security

Endpoint security is the practice of securing endpoint devices such as laptops, desktops, and mobile devices, from cyber threats and attacks.
 
Many security solutions have evolved to secure endpoints remotely; accessing networks and/or servers, integrating advanced threat intelligence, investigation, and response mechanisms within security platforms collectively known as XDR (Extended Detection and Response), as well as incorporating identity and access management elements for ensuring secure access.
 
Identity and Access Management
 
Identity and access management, or IAM in short, refers to a set of rules, policies, and associated technologies deployed to ensure the access of appropriate users to critical enterprise information digitally. It involves assignment of user identities and rules of access linked to those identities, as well as storage of identity and profile data, data governance rules and automated monitoring of data assets.
 
For many organisations, IAM constitutes the baseline of establishing a secure IT architecture, applicable on both cloud and on-premises systems. Arguably, IAM is also the most important component for organisations to remain compliant to regulations and avoid data breaches.
 
IoT Security
 
The IoT is a complex system of not only interconnected devices but also networks, middleware, all endpoints including sensors and appliances, and infrastructure components, as well as data transmitted and stored therein. As such, IoT security refers to ensuring the safety and integrity of IoT devices and networks.
 
Threat Intelligence
 
Threat intelligence is threat information that has been analysed and interpreted to provide the necessary context for decision-making. This information-based definition can provide a foundation, as threat intelligence currently leads the way to deployment of solutions attached to the specific threat information processed and action-oriented advice.
 
Unified Threat Management
 
Unified threat management is a single security solution that provides multiple security functions or services combined into a device to simplify protection. Hence, unified threat management is also referred to as NGFW (Next-generation Firewall) in some enterprise contexts; encompassing antivirus, web, content filtering, email filtering, and anti-spam.

---

• The total value of enterprise cybersecurity spend will exceed $226 billion in 2027, up from $179 billion in 2022; representing total growth of 26% over the next five years.
• Juniper Research’s Competitor Leaderboard for the cybersecurity market has identified the five leading market vendors as:
  • AWS
  • IBM
  • Cisco
  • Oracle
  • Sophos
• Cybersecurity vendors must form strategic partnerships with smaller, specialised cybersecurity vendors to acquire new data sources and point solutions, and offer services, such as unified threat management, in order to maintain relevance in this highly competitive market.