Riaan Joyina abaphathi abaphezulu eSan Francisco ngoJulayi 11-12, ukuzwa ukuthi abaholi bahlanganisa kanjani futhi bathuthukisa kanjani ukutshalwa kwezimali kwe-AI ukuze kuphumelele. Funda kabanzi
Abahlaseli bateleka emabhizinisini ngokuntshontshwa kobunikazi njengomgomo wabo omkhulu. Ama-CISO kanye nama-CIO atshele i-VentureBeat ukuthi babone ukukhuphuka kwezinga ekuhlaselweni okuqhutshwa umazisi ezinyangeni ezintathu zokuqala zika-2023.
Ukuthola ubuwena kahle kuwumgogodla wohlaka oluqinile lwe-zero-trust. Kudinga ukuqina kwe-endpoint, inzwa ethuthukisiwe namasu okuhlaziya idatha ye-telemetry, kanye nokuqanjwa okusha okusheshayo ekuvikeleni ubunikazi.
Lawula obunikazi ukuze ulawule inkampani
Ngokusebenzisa izikhala kungqalasizinda yamafu ukuze uthole izindawo zokugcina ezibuthakathaka noma ezingavikelekile, akumangazi ukuthi kube nokukhuphuka okungama-95% ukuhlaselwa kwengqalasizinda yamafu, ngemizamo yokungena ehlanganisa abalingisi ababona amafu abasabisayo ngokuphindwe kathathu unyaka nonyaka. Kusukela kumaqembu ezigebengu ezisebenza ngama-inthanethi kuya ekuxhaswe nguhulumeni usongo oluqhubekayo oluqhubekayo (APT) amaqembu, abahlaseli bayazi ukuthi ukuhlula iphoyinti elilodwa nje kuvula ingqalasizinda yenhlangano ekuqinisekiseni, ubunikazi kanye nokwebiwa kwedatha.
I-CrowdStrike’s I-Global Threat Report yango-2023 ikhombe ukuthi kungani ubunikazi buvinjezelwe. Aphakathi kwezimpahla ezibaluleke kakhulu zenhlangano, ezinothe ngedatha yomuntu siqu enenani eliphezulu kuwebhu emnyama. Ithimba le-CrowdStrike’s Intelligence lithole ukuthambekela okuphazamisayo kwabahlaseli finyelela kubathengiukuthengisa ubunikazi obuntshontshiwe obuhlanganiswe ngobuningi ngamanani aphezulu kuwebhu emnyama.
Ukuhlaselwa kwe-Endpoint kwanda ekuqaleni kuka-2023
Ukwanda kokuhlasela kwamafu kanye ne-endpoint kwenza unyaka ka-2023 ube unyaka oyinselele kakhulu kunama-CISO amaningi okuxoxwe ngawo – futhi abekelwe isabelomali – sawo. Ama-CISO emabhange, ezimbonini zezezimali kanye nezimboni zomshwalense atshele i-VentureBeat, ngemibandela yokungadalulwa igama, ukuthi ukuhlaselwa kuzo zonke izinhlobo zezindawo zokugcina kuphindeke kane ezinyangeni ezine nje. Idatha abangayithwebula ibonisa ingqalasizinda yamafu, uhla lwemibhalo olusebenzayo, i-ransomware, uhlelo lokusebenza lwewebhu, ukuxhashazwa kokuba sengcupheni, kanye nokuhlaselwa kokuphikiswa kwesevisi okusabalalisiwe (DDOS) okugqama kakhulu ezinsukwini ezingu-120 ezedlule.
Unyaka ka-2023 usewunyaka onenselele enkulu kunaleyo elindelwe ama-CISO ngenxa yengcindezi eyengeziwe yokuhlanganisa izitaki zobuchwepheshe futhi ugcine isabelomali ngaphansi kokulawula (noma ukuncishiswa) kuyilapho ubhekene nezinga lokukhula elikhulayo lokuhlaselwa. Umsunguli kanye ne-CEO yeCrowdStrike, uGeorge Kurtz, ubenolwazi lapho echaza ngesikhathi ekhuluma engqungqutheleni yenkampani. Umcimbi we-Fal.Con ngo-2022 ukuthi “iqiniso liwukuthi abantu baxhaphaza amaphuzu kanye nomsebenzi omningi. Futhi yilapho ngempela impi eyenzekayo. Ngakho-ke kufanele uqale ngokutholwa kwephoyinti lokugcina emhlabeni. Futhi-ke ukusuka lapho, kumayelana nokwelula lokho ngale kwe-endpoint telemetry. ”
Ama-CISO atshele i-VentureBeat izinhlelo zabo zokuhlanganisa ukuphepha kwephoyinti lokugcina kanye nokutholwa kwe-endpoint and response (EDR) manje kusekelwe efwini ingxenye enkulu. Ukuba ne-endpoint security, EDR, kanye ukutholwa okunwetshiwe kanye nokuphendula (XDR) okusekelwe efwini kuxazulula izinselele ezimbalwa ezihlobene nozakwabo basemagcekeni, okukhulu kunakho konke ukuba yizindleko eziqhubekayo zokulungisa nokuchibiyela. Abathengisi abahamba phambili abahlinzeka ngamapulatifomu e-XDR bahlanganisa i-CrowdStrike, Microsoft, I-Palo Alto Networks, I-TEHTRIS futhi I-Trend Micro.
Iziphetho eziqinile neziziphilisayo ziyizigxobo zetafula
Ukuchaza ukuphepha kwendawo yokugcina emhlabeni ongathenjwa kufanele kuqale ngokubona ukuthi izinkundla zokuvikela i-endpoint kanye nezinhlelo zokuphatha ubunikazi zihlangana ngokushesha kangakanani. Iziphetho zenethiwekhi yebhizinisi ngalinye zinobunikazi bedijithali obuningi, obuqala ngalezo ezinikezwe izinhlelo zokusebenza, izinkundla namasistimu angaphakathi afinyelelwe kusukela ekugcineni kuya kubunikazi bedivayisi.
Amasevisi wamafu aphoqelela ukugqagqana kwezinkundla zokuvikela indawo yokugcina nokuphathwa kobunikazi. Ngokwesibonelo, Isevisi yohlelo lokusebenza lwe-Microsoft Azure isekela ukunikeza ubunikazi obuningi obabelwe umsebenzisi kuhlelo lokusebenza oluthile, olungeza ubunkimbinkimbi obukhulu kububanzi bobunikazi obusekelwa amaphoyinti okugcina. Kungokufanayo kumadivayisi. I-Cisco’s Identity Services Engine (ISE) ingachaza amaqembu omazisi bephoyinti lokugcina ngokugunyazwa kwawo. Lawa masevisi abonisa okwenzekayo ngokushesha emakethe — ubunikazi buba yisisekelo seziphetho.
Ama-CISO adinga ukubonakala okungcono kukho konke ubunikazi indawo yokugcina enabo. Izinhlaka ze-Zero-trust kanye nomcabango wokufinyelela okungenalungelo elincane kuyadingeka. Lezo zidingo ziqhuba okulandelayo kumasu okugcina ezinkampani namuhla:
Qhubeka uqaphe futhi uqinisekise
Kuwumgogodla wokwenza izinhlaka ze-zero-trust ziqine futhi zikhule, futhi idatha ye-telemetry ibalulekile ekuhlonzeni okungase kube khona ukugxambukela nemizamo yokwephula. Umgomo uwukwengamela, uqinisekise futhi ulandelele yonke imisebenzi yedatha yesikhathi sangempela ye-endpoint ukuze usize ukuhlonza nokusabela ezinsongweni ezingaba khona. Abathengisi abahamba phambili abanikeza leli khono bahlanganisa i-SecureX ye-Cisco, i-Duo, ne-Identity Services Engine (ISE); kanye ne-Microsoft’s Azure Active Directory and Defender. Inkundla ye-CrowdStrike’s Falcon, Okta I-Identity Cloud, kanye nesixazululo se-Palo Alto Networks ‘Prisma Access nazo zingabathengisi abahlinzeka ngokuqapha okuqhubekayo kumakhasimende ebhizinisi namuhla.
Qinisa iziphetho
Kuwulwazi oluvamile ukuthi abahlaseli baskena yonke imbobo evulekile engaba khona futhi isiphetho ibhizinisi elinalo, ngethemba lokuthi eyodwa nje ngeke ivikelwe noma ingalungiselelwanga kahle. I-Absolute Software 2021 Endpoint Risk Report ithole ukuthi amaphoyinti okugcina amiswe ngokwedlulele asengcupheni njengokungabi nakho ukuvikeleka kwendawo yokugcina endaweni. Ucwaningo lwe-Absolute luthole izilawuli zokuphepha eziyi-11.7 ngedivayisi ngayinye, iningi liqukethe izilawuli eziningi zomsebenzi ofanayo.
Iziphetho zokuzilapha zisiza ukwehlisa ukusabalala komenzeli wesoftware ngokuletha ukuqina okukhulu. Ngencazelo, isiphetho sokuziphilisa sizozivala futhi siqinisekise izingxenye zayo eziyinhloko, kuqala nge-OS yayo. Okulandelayo, indawo yokugcina izokwenza inguqulo yesichibi, bese izisethela kabusha ekucushweni okulungiselelwe ngaphandle kokungenelela komuntu.
I-Absolute Software, Akamai, I-Ivanti, I-MalwarebytesMicrosoft, I-SentinelOne, I-Tanium, i-Trend Micro nabanye abaningi baneziphetho ezikwazi ukuziphilisa ngokuzenzakalelayo. I-Absolute Software iyaphawuleka ngokunikeza i-tether yedijithali engasuki kuyo yonke indawo esekelwe ku-PC eqapha ngokuqhubekayo futhi iqinisekisa zonke izicelo zedatha yesikhathi sangempela se-endpoint kanye nokwenziwe.
I-Absolute’s Ukuqina inkundla iyaphawuleka ngokuhlinzeka ngokubonakala kwesikhathi sangempela nokulawula kwanoma iyiphi idivayisi, kunethiwekhi noma cha, kanye nedatha enemininingwane yokuphathwa kwempahla. Absolute futhi yasungulwa futhi yethulwa inkundla yokuqala yomkhakha yokuziphilisa ye-zero-trust eklanyelwe ukuletha ukuphathwa kwempahla, idivayisi nokulawulwa kohlelo lokusebenza, ubuhlakani be-endpoint, ukubika isigameko, ukuqina kanye nokuhambisana.
Lungiselela ukuphathwa kwesichibi
Iziphetho eziqinile, eziziphilisayo ziba semqoka ku-IT, ITSM kanye namaqembu ezokuphepha, wonke abhekene nokushoda kwesikhathi okungapheli namuhla. “Ukuphathwa kwe-Endpoint namandla okuziphilisa kuvumela amaqembu e-IT ukuthi athole yonke idivayisi kunethiwekhi yawo, bese ephatha futhi avikele idivayisi ngayinye esebenzisa amasu esimanje, angcono kakhulu aqinisekisa ukuthi abasebenzisi bokugcina bayakhiqiza futhi izinsiza zenkampani ziphephile,” kusho u-Srinivas Mukkamala, isikhulu esiphezulu semikhiqizo e-Ivanti, phakathi nengxoxo yakamuva ne-VentureBeat.
Uqhube wathi, “Ukuzenzakalela nokuziphilisa kuthuthukisa ukukhiqiza kwabasebenzi, kwenza ukuphathwa kwedivayisi kube lula futhi kuthuthukise ukuma kwezokuphepha ngokunikeza ukubonakala okuphelele kuyo yonke impahla yenhlangano kanye nokuletha okuzenzakalelayo kuwo wonke uhla olubanzi lwamadivayisi.”
Ama-CISO athe amaqembu awo agcwele kakhulu umsebenzi ogxile ekuvikeleni abasebenzi, izinhlelo kanye, ekukhiqizeni, wonke amafekthri, kangangokuthi asikho isikhathi esanele sokuphathwa kwe-patch. Ucwaningo luka-Ivanti ekuphathweni kwe-patch bathole ukuthi u-71% we-IT kanye nochwepheshe bezokuphepha banomuzwa wokuthi ukuchibiyela kuyinkimbinkimbi ngokweqile futhi kudla isikhathi, futhi ama-53% athi ukuhlela nokubeka phambili ubuthakathaka obubalulekile kuthatha isikhathi sabo esiningi.
Uma kubhekwa ukuthi kubaluleke kangakanani ukuphatha kahle isichibi, ukuthatha a indlela eqhutshwa idatha angasiza. Okunye okusha abathengisi abaningana abakusebenzisayo ukubhekana nale nkinga ubuhlakani bokwenziwa (AI) nokufunda komshini (ML).
Inkundla ye-Ivanti’s Neurons incike kumabhothi asekelwe ku-AI ukuze ifune, ihlonze futhi ibuyekeze zonke iziqephu kuzo zonke izindawo ezidinga ukubuyekezwa. Izindlu zika-Ivanti Ukulawulwa Kwepheshi Yamafu Okusekelwe Engozini Kuyaphawuleka ukuthi inkundla yabo ihlanganisa kanjani I-Vulnerability Risk Rating (VRR) ukuze isize abahlaziyi besikhungo sokusebenza kwezokuphepha (SOC) bathathe isinyathelo esibeka ubungozi kuqala. U-Ivanti uthole indlela yokuhlinzeka ngokulandelela kweleveli yesevisi (i-SLA) ephinde inikeze ukubonakala kumadivayisi aseduze ne-SLA, okuvumela amaqembu ukuthi athathe isinyathelo sokuqala.
Abathengisi abengeziwe abanikeza izixazululo zokulawulwa kweziqephu ezizenzakalelayo zihlanganisa BroadcomCrowdStrike, SentinelOne, McAfee, SophosTrend Micro, I-VMWare Carbon Black futhi I-Cybereason.
Bulala ukunyakaza kwe-lateral futhi unciphise indawo yokuhlasela
Ukuba nengqondo ephulwe kuyisihluthulelo sokuqina ekungathembeni. Ukucabanga ukuthi imizamo yokungena nokuphula umthetho ayinakugwenywa kuyisigqugquzeli esinamandla se-IT kanye namaqembu e-cybersecurity ukuze acije amasu awo okuphepha angathembi lutho, amakhono nolwazi. Umgomo uwukwenza i-zero trust ibe yingxenye ebalulekile yenkumbulo yemisipha yenhlangano.
Indlela engcono kakhulu yokufeza lokho iwukuba uxazulule ukuthola izinhlelo namasu okusebenza kahle. Lokho kuhlanganisa nokuthola i-microsegmentation – ingxenye ebalulekile yezero trust, njengoba kushiwo ku Uhlaka lwe-NIST lwe-zero-trust – endaweni. I-Microsegmentation ihlukanisa amanethiwekhi abe amasegimenti amancane, angawodwa, anciphise indawo yokuhlasela yenethiwekhi futhi akhulise ukuphepha kwedatha nezisetshenziswa.
Abathengisi abathile be-microsegmentation bangakwazi ukuhlonza ngokushesha futhi bahlukanise umsebenzi osolisayo kumanethiwekhi wabo. Kubahlinzeki abaningi be-microsegmentation namuhla, abasha kakhulu I-Airgap, I-AlgoSec, Amathokheni ombala, I-Illumio, Prisma Cloud futhi I-Zscaler Cloud Platform.
Kulokhu, inkundla ye-Airgap yokungathembi lutho isebenzisa indlela ye-microsegmentation ephatha isiphetho sikamazisi ngamunye njengebhizinisi elihlukile futhi iphoqelela izinqubomgomo eziyimbudumbudu ezisekelwe olwazini lwengqikithi, ukuvimbela ngempumelelo noma yikuphi ukunyakaza okuhlangene. Izakhiwo ze-AirGap zihlanganisa inethiwekhi yenqubomgomo ezimele ekala izinqubomgomo ze-microsegmentation kunethiwekhi yonke ngokushesha.
Ukuphepha kwephoyinti lokugcina enkathini yokuhlanganisa-yokuqala
Unyaka ka-2023 uba unyaka onenselelo kakhulu kunokulindelekile ama-CISO namathimba awo. Ukuhlasela kwe-spiking nemizamo yobugebengu bokweba imininingwane ebucayi ethuthuke kakhulu neyobunjiniyela bezenhlalo edalwe kusetshenziswa i-ChatGPT igcizelela i-IT namathimba okuvikela asevele asebenze ngokweqile. Ngesikhathi esifanayo, ama-CISO abhekene nezingqinamba zesabelomali nemiyalo yokuhlanganisa izitaki zawo zobuchwepheshe. Ngokumelene nalesi sizinda sesabelomali esiqinile kanye nokwephulwa okwengeziwe, ukuqina kakhulu nezindawo zokugcina yilapho abaningi beqala khona.
“Uma sikhuluma nezinhlangano, esikuzwa kakhulu ukuthi: Singaqhubeka kanjani nokukhulisa amandla okuqina, sikhulise indlela esizivikela ngayo, ngisho noma sibhekene nenani eliphansi noma isabelomali esiqinile? Ngakho-ke kwenza esikwenzayo mayelana ne-cyber-resiliency kubaluleke nakakhulu, “kusho uChristy Wyatt, umongameli kanye ne-CEO ye-Absolute Software, BNN Bloomberg interview.
Umsebenzi we-VentureBeat kufanele kube isikwele sedolobha esidijithali sabenzi bezinqumo zobuchwepheshe ukuze bathole ulwazi mayelana nobuchwepheshe bebhizinisi obushintshayo kanye nokuhwebelana. Thola Okufingqiwe kwethu.
