We have set our focus on the areas of current needs in the market with special focus on Security in the Cloud and providing Managed Security Services.
(covering the key "Gartner's top 10 Security Projects" for 2018, 2019 and 2020-2021 and "Top Trends in CyberSecurity, 2022"
Currently, 60% of knowledge workers are remote, and at least 18% will not return to the office. These changes in the way we work, together with greater use of public cloud, highly connected supply chains and use of cyber-physical systems have exposed new and challenging attack “surfaces.”
This leaves organizations more vulnerable to attack. Gartner recommends security leaders look beyond traditional approaches to security monitoring, detection and response to manage a wider set of risks.
Identity systems are coming under sustained attack. Misuse of credentials is now a primary method that attackers use to access systems and achieve their goals. For example, in the SolarWinds breach attackers used a supplier’s privileged access to infiltrate the target network.
Gartner uses the term identity threat detection and response (ITDR) to describe a collection of tools and processes to defend identity systems. In the longer term, more consolidated solutions will emerge.
Learn more: Your Ultimate Guide to Cybersecurity
Gartner predicts that by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021.
Security and risk management leaders need to partner with other departments to prioritize digital supply chain risk and put pressure on suppliers to demonstrate security best practices.
Security products are converging. Vendors are consolidating security functions into single platforms and introducing pricing and licensing options to make packaged solutions more attractive.
While it may introduce new challenges such as reduced negotiating power and potential single points of failure, Gartner sees consolidation as a welcome trend that should reduce complexity, cut costs and improve efficiency, leading to better overall security.
The cybersecurity mesh is a modern conceptual approach to security architecture that enables the distributed enterprise to deploy and integrate security to assets, whether they’re on premises, in data centers or in the cloud.
Gartner predicts that by 2024, organizations adopting a cybersecurity mesh architecture will reduce the financial impact of individual security incidents by an average of 90%.
Executive leaders need a fast and agile cybersecurity function to support digital business priorities. However, as more aspects of the business are digitalized, the job is becoming too big for a centralized CISO role. Leading organizations are building the office of the CISO to enable distributed cyber judgment.
The CISO and the centralized function will continue to set policy, while cybersecurity leaders are placed in different parts of the organization to decentralize security decisions.
Download now: 3 Must-Haves in Your Cybersecurity Incident Response Plan
Human error continues to feature in most data breaches, showing that traditional approaches to security awareness training are ineffective. Progressive organizations are moving beyond outdated compliance-based awareness campaigns and investing in holistic behavior and culture change programs designed to provoke more secure ways of working.
Gartner's top 10 Security Projects" for 2019
1. Users' Identity, Access and Privileged Management.
2. Pro-Active Intelligent Threats Management.
3. Cloud Security and Data Loss Prevention.
4. Web, Email Isolation and Anti-Phishing Solutions.
5. Data and Application Security.
6. Automated Distribution Patch and Inventory Management.
Gartner's top 10 Security Projects" for 2020-2021
No. 1: Securing Your Remote Workforce
No. 2: Risk-Based Vulnerability Management
No. 3: Extended Detection and Response (XDR)
No. 4: Cloud Security Posture Management
No. 5: Simplify Cloud Access Controls
No. 6: DMARC- domain-based message authentication, reporting and conformance
No. 7: Passwordless Authentication
No. 8: Data Classification and Protection
No. 9: Workforce Competencies Assessment
No. 10: Automating Security Risk Assessments
Reference: Gartner.com https://www.gartner.com/smarterwithgartner/gartner-top-security-projects-for-2020-2021/
From a services perspective we have experience in the IT, OT and IOT environment, not limited to the following areas of expertise:
1. Cloud Solutions and SaaS
Cloudflare, Radware, Netskope, Forcepoint, Menlo Security, Resec etc.
2. Anti-Email Phishing Solution
Ironscales, Knowbe4, Barracuda, Proofpoint etc.
3. Infrastructure and Application Security
Ivanti, Quest, CyberArk, BeyondTrust, Micro Focus, Checkpoint, Forcepoint, WatchGuard, Rapid7, Tenable, Palo Alto and Waterfall etc.
4. Infrastructure, Application Monitoring and Network Access Control
RPTG, Fortigate, Solarwinds etc.
5. Pro-active cyber security:
ExtraHop, Darktrace, Rapid7, LogRythm, FortiSIEM etc.
6. Resource Liberty solutions
Managed Services and Level 1 support etc.
7. Cyber Security Defence:
Security Posture Assessment & Management.
Application Vulnerability Assessment & Pen-Testing.
Incident Detection and Response.
Castelium has provided solutions to customers in many sectors of the market.
1. Financial
2. Education
3. Manufacturing
4. Transportation
5. Software Development
6. Outsourcing Services