Question

What is involved in providing network and information security within an enterprise? What new innovations are available in this area?

Answer 1

Network and Information security is an utmost requirement of an enterprise as explained below:

Since the work within an enterprise depends on the web, email and file exchange. That's why most of the cyber attacks use those communication channels to infiltrate the organization and gain access to the valuable data or cause damage. In an attempt to defend those channels, traditional signature-based security software can generate thousands of alerts each week, over 80% of which are considered false positives—those not worth pursuing, leaving most organizations resource-starved to process even the critical 20%.While organizations try to apply expertise and intelligence to deal with the plethora of alerts, the systems are already breached and vulnerable to data loss and vandalism—especially from the evasive attacks of today, including zero-day, blended, and targeted attacks that traditional signature-based solutions fail to detect. A recent study showed 97% of organizations suffered breaches even though they all had traditional security solutions in place.The most basic need for network security is visibility into the network itself; you can't secure what you can't see. Therefore visibility is needed first.

Organizations and people that use computers can describe their needs for information security and trust in systems in terms of three major requirements:

1) Confidentiality: controlling who gets to read information;

2) Integrity: assuring that information and programs are changed only in a specified and authorized manner; and

3) Availability: assuring that authorized users have continued access to information and resources.

There are many new innovations that are available in this area, some of them are listed below:

1) Hardware Authentication

2) User- behavior Analytics

3) Data loss prevention

4) Cloud Technology

5) Deep learning