- Home >
- Services >
- Access to Knowledge >
- Trend Monitor >
- Domain of Application >
- Trend snippet: COVID-19 Forces Changes To Access Controls And Adoption Of New Security Tooling
Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic, the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
visible on larger screens only
Please expand your browser window.
Or enjoy this interactive application on your desktop or laptop.
COVID-19 Forces Changes To Access Controls And Adoption Of New Security Tooling
COVID-19 forced security, development, and operations teams into a sudden remote work environment. Once security teams address the immediate priority of enabling all employees to work from home (WFH) safely, they must also address the secondary effects of an all-remote workforce. Process gaps once glossed over through in-person interactions will become harder to ignore, and leadership charisma that resolved blockers and kept disparate teams aligned will be harder to replicate on the umpteenth email chain or conference call. This turns DevOps and S&R pros’ attention toward enhancing continuous improvement/continuous delivery (CI/CD) toolchain integration with static application security testing (SAST), software composition analysis (SCA), container security, and other application security tools.
Security leaders have long had to rely on supposition and best practices to understand the technologies they need to defend their organizations. The ATT&CK framework provides a reference model for measuring the effectiveness of an organization’s threat mitigation strategy and the potential impact of deploying other security technologies.4 The continued adoption of this framework will allow S&R pros to build better detection strategies and, ultimately, stronger security infrastructure.
Security leaders need to adapt to surveillance capitalism, which will require them to deploy technologies that protect their employees from being surveilled by tech companies, marketers, and, in some cases, governments. Not doing so will result in competitive risks for the firm, as the amount of data collected about users such as movement, job functions in IAM systems, authentication patterns, and cloud app activity could reveal corporate secrets the firm wanted to protect.
The current trend of transactions shifting from in-person to online, faceless channels is unstoppable, especially in light of changes imposed by the COVID-19 pandemic. This places further stress not only on the security organization but also on marketing, line of business, and call center operations whose digital systems support customers’ online interactions.