Categories: Cybersecurity
Tags: ExtraHop

Top five cybersecurity tips for enterprise organisations


Share this content


National Cybersecurity Awareness Month (NCSAM) is observed every October to raise cybersecurity awareness and provide resources to help individuals and enterprises be safer and more secure online. This year, ExtraHop, the provider of cloud-native network detection and response, is joining NCSAM organisers and security professionals around the world in offering tips and strategies for enterprise organisations to improve their security posture across hybrid and cloud workloads. Below are the company’s top five tips for building smarter enterprise security:

  • Prevention is a pipe dream: With global data breaches on the rise, organisations are increasingly shifting their strategy from protection and prevention at the perimeter to detection and response in the east-west traffic corridor. According to Gartner, 60% of enterprise information security budgets will be allocated to rapid detection and response approaches by 2020 — up from less than 10% in 2014. While prevention still has value as a first line of defence, cybersecurity leaders should re-focus their operations – people, process and technology – on reducing dwell time and mitigating damage.
  • Get clarity on cloud security: If you’re hosting anything in the cloud, it’s critical to understand where your cloud service provider’s security responsibility ends and yours begins. Some of the most common threats to cloud security are home grown and preventable, including misconfiguration, unauthorised access and insecure APIs.
  • Trust no one — not even your vendors: Enterprises rely on vendors for everything from infrastructure and applications to security. But do you know how vendors use your data? Ask questions of your vendors to ensure you understand how your data is being handled, where it’s going and what level of encryption the vendor uses.
  • Put your defences to the test: To improve the security posture of your organisation and find potential gaps in your defences, run red vs. blue exercises. These keep your security team sharp and help proactively identify your security vulnerabilities.
  • Assume the threats are already inside: According to M-Trends 2019, the average dwell time of a threat in a corporate environment is 78 days. Businesses need to invest in the ability to actively monitor and analyse traffic inside their networks. This is where threats dwell and right now, it’s an open field for attackers.

To learn more about the company’s cloud-native network detection and response platform, visit and explore the Reveal(x) interactive online demo:

Receive the latest breaking news straight to your inbox