The war between data defenders and data thieves has been described as a cat-and-mouse game. As soon as the white hats counter one form of black-hat malicious behaviour, another malevolent form rears its ugly head. Ensuring data privacy became the main challenge for many organizations in 2019. While Europe was desperately getting ready for GDPR compliance, the rest of the world was deeply affected by data privacy scandals around Google and Facebook. In 2020 and beyond, protection of data privacy and security will become a key target for the majority of organizations.
First, attention towards protecting personally identifiable information (PII) will lead to the creation of new data security and privacy laws. Within the next five years, we should expect the adoption of a national data privacy standard in the U.S., which would echo the GDPR. Organizations can get ready in advance by adopting security best practices like ongoing IT risk assessment, regular auditing, and ensuring profound visibility into data repositories and user activity.
General security best practices, however, will stay the same: encrypt your data; grant access on a need-to-know basis; implement data recovery processes; be on the lookout for open or unprotected APIs; and streamline monitoring of your cloud infrastructure. To automate the execution of certain security operations and minimize the risk of human error, you will also have to consider AI and machine learning technologies.
In this edition, we have featured Specialized Security Services, Inc. (S3) on the cover page as they have been the champions in developing and maintaining custom-tailored cybersecurity programs. The edition also includes Nero Consulting, which offers AI-powered cybersecurity services along with cybersecurity assessment services, incorporating firewalls, forensics, cloud security, open source tools, and compliance-regulations audits. We have chosen Sertainty Corporation and OMNISTRUCT. While the former offers a self-protecting data platform, developer tools, and utilities for application developers to embed an intelligence module into clients’ data files to produce self-aware data, the latter delivers compliance services focused on ‘reasonable security’ and helps businesses on-board, maintain, and enforce information security programs based on the NIST cyber security framework. The company offers services that revolve around US guidelines and a measurable 10-point deliverable that addresses reasonable security and enforcement of these guidelines so cyber posture can be illustrated, improved, and defended. OMNISTRUCT has also developed a free NIST measurement app for small businesses, enabling them to measure and illustrate their cyber compliance posture. Additionally, the company places major emphasis on people and business processes, with a roadmap to automate technology compliance measurements to knit privacy, risk, and cybersecurity together.
To stay safe in 2020, organizations are encouraged to employ basic security controls, understand and comply with any regulations they are subject to, and ensure they have visibility into the entire IT infrastructure and data.
We present to you “Top 10 Information Security Consulting/Services Companies - 2019”.