siliconindia | | JULY 202319breach mobile device. Mobile device management tools and remote wiping, basic security precautions, are put in place only by 50 percent.Enterprise Security architecture is key factor in the practice of applying a comprehensive and rigorous meth-od for describing a current and/or future structure and behaviour for an organization's security processes, infor-mation security systems, personnel so that they align with the organization's core goals and strategic direction. Al-though often associated strictly with enterprise Security, it relates more broadly to the security practice of business optimization in that it addresses business security archi-tecture, performance management, and security process architecture as well.Securing the enterprise is no easy task. When we talk about Enterprise Security, everybody thinking about, how to enhance Cybersecurity measures for enterprise? and How to keep attackers out?Key Points to be Remembered-1. Security Concept, Solution and Strategy alignment with your Business.2. Manage and Review your Security Parameters and Policies against Growing Threats.3. Prioritize and Modernize your security Solutions.4. Security Solutions should be aligned to Protect Users Data and digital assets.5. Strong network required with industries cyber Secu-rity Leaders and knowledge Sharing. 6. Believe in zero trust policy.IT security deals primarily with the confidentiality, integrity, and availability of information and provides mechanisms to protect these aspects. When information is compromised, the result is a change in state of one of these aspects.1. Confidentiality: Ensures that privileged or sensitive information is accessible only to those individuals with a valid requirement to view and access the information. It is particularly important when concerning personal in-formation, intellectual property, and classified or sensitive information in a government context.2. Integrity: Refers to a lack of corruption in data or overall consistency. When integrity of information is compromised, it creates a lack of trust wherein data may have been manipulated, changed, or deleted.3. Availability: Relates to having access to authorized information when it is required. Should information be affected so it cannot be accessed when needed and author-ized, then availability has been compromised. Security architecture to Establishing the Business Con-text and should consider the following key questions: APPPTT1. Assets -what are you trying to protect at each layer? 2. Purpose- why are you protecting these assets?3. Process- How will you achieve your objective?4. People- who is involved in applying security?5. Target-where are you applying security? 6. Time- when are you applying security?Hide & Seek Pattern-1. It's hard to predict risks and attacks.2. When they get in. it's hard to find them.3. When we find them, it's hard to get out. What can we do? ­1. Understand the threat or attack.2. Do research and discus with Security Leaders.3. Find out root and be Agile.4. Be Resilient and adopt approaches for continued op-erations during cyber-attacks.5. Prepare incident Report for future references.Every employee is virtually part of the security equa-tion and having a security culture that includes education, collaboration between IT operations and security teams, and security tools is essential.Lack of security awareness still plagues the organi-zation, as employees and IT staff often make mistakes that leave the company vulnerable. Those include: weak passwords, bad email practices, out-of-date policies and tools, no monitoring, and no knowledge of where data resides. Still organizations want to live in their comfort zone and not following best practices and result is they are facing cyber-attacks. Organizations need to defence in depth. Use the lifecycle of InfoSec tools of firewall, filtering, DLP, IoT security, encryption, IDS/IPS, DNS security, pen tests, container security, WAF, DDoS mitiga-tion, cloud security, and last but not least, don't forget physical security. IT security deals primarily with the confidentiality, integrity, and availability of information and provides mechanisms to protect these aspects
< Page 9 | Page 11 >