Security awareness training
Security awareness training helps users understand how seemingly harmless actions—from using the same simple password for multiple log-ins, to oversharing on social media—increases their own or their organization’s risk of attack. Security awareness training combined with thought-out data security policies can help employees protect sensitive personal and organizational data. It can also help them recognize and avoid phishing and malware attacks.
Identity and access management
Identity and access management (IAM) defines the roles and access privileges for each user, and the conditions under which they are granted or denied their privileges. IAM technologies include multi-factor authentication, which requires at least one credential in addition to a username and password, and adaptive authentication, which requires more credentials depending on context.
Attack surface management
Attack surface management (ASM) is the continuous discovery, analysis, remediation and monitoring of the cybersecurity vulnerabilities and potential attack vectors that make up an organization’s attack surface. Unlike other cyberdefense disciplines, ASM is conducted entirely from a hacker’s perspective, rather than the perspective of the defender. It identifies targets and assesses risks based on the opportunities they present to a malicious attacker.
Threat detection, prevention and response
Organizations rely on analytics- and AI-driven technologies to identify and respond to potential or actual attacks in progress because it's impossible to stop all cyberattacks. These technologies can include (but are not limited to) security information and event management (SIEM), security orchestration, automation and response (SOAR), and endpoint detection and response (EDR). Typically, these technologies are used as part of a formal incident response plan.
Disaster recovery
Disaster recovery capabilities often play a key role in maintaining business continuity in the event of a cyberattack. For example, the ability to fail over to a backup that is hosted in a remote location can enable a business to resume operations quickly following a ransomware attack (and sometimes without paying a ransom).
Πηγή: ΙΒΜ