It is now accepted that attackers will breach even the best defences, and if they do get in, the focus switches to mitigating the impact on your core business, ensuring critical operations continue and normal business is resumed as quickly as possible. This category looks at the solutions, tools and services on offer to ensure your systems have the resilience to survive a successful attack, minimising impact and achieving the shortest resumption of normal service.
These offerings provide a turnkey approach to an organisation’s primary technical security needs. These offerings can either be a co-located device at the client organisation facility, or can be a completely outsourced solution where the application to be protected would reside at the vendor’s data centre.
A still somewhat-emerging category, these products focus on detecting insider threats, targeted attacks and other fraudulent activities by examining human behaviours, identifying patterns that are then analysed through the application of algorithms and statistical analysis to detect anomalies that may indicate threats of loss or compromise to organisations’ critical data. Offerings in this space are also referred to as so-called “user-behaviour analytics” products by analyst company Gartner.
Security information and event management (SIEM) tools are used to collect, aggregate and correlate log data for unified analysis and reporting. Typically, these tools can take logs from a large number of sources, normalise them and build a database that allows detailed reporting and analysis. While forensic analysis of network events may be a feature of a SIEM, it is not the only feature, nor is it the primary focus of the tool.
This category includes ALL cyber security education programmes for any establishments throughout the UK and Europe who offer a qualification based on the quality of instruction, programmes and how well these prepare students for the marketplace