The annual Cybersecurity Marketplace Research Report, Cybercrime Magazine’s s annual Top 150 Cybersecurity Companies to watch list features companies from all around the globe that embrace the highest standards of cyber hygiene. The criteria is simple: the best companies demonstrate an ability to address all forms of risk, including those posed by external hackers. These companies are measured against four separate aspects. They must demonstrate a commitment to security, they must have the resources to appropriately address threats, they must have a comprehensive vulnerability management program in place, and they must have an appropriate security protocol in place to mitigate threats in real-time. All four of these aspects are interdependent and must be considered in the context of a company’s overall security posture.
Cloud Computing. Cloud computing describes the use of networks and storage facilities to deliver applications and services to a service provider’s end-users. In the context of the broader field of cyber hygiene, a cloud service is defined as a system that sustains an acceptable degree of cyber risk and can reliably handle and distribute all types of threat information. A cloud provider typically utilizes public or private clouds to deliver their services, with the public cloud being the most well-known. Private clouds, which employ private servers rather than shared infrastructure, are also becoming increasingly common, and in some cases, may pose a greater cyber risk to companies conducting business on the cloud.
Endpoint Security. It is no secret that one of the most dangerous threats to companies operating outsource IT functions is through the threat of illicit activity. An illicit activity may involve data theft or, in some cases, sabotage. To mitigate the threat of unauthorized access to network infrastructure, all companies in the Cyber Corridor must implement strong vulnerability management protocols. As a result, companies that do business on the Nasdaq should not only have strong computer security programs in place to defend against hackers, they must use their own access management software solutions to ensure that even their most secure networks are protected.
Real-Time Protection. As any experienced company on the Nasdaq will tell you, prevention is much easier than stopping something that is already happening. One way that many cybersecurity companies have been successful at doing this is by having in place plans for the response to a breach in its endpoints. Companies that respond quickly and in a timely fashion to potential breach events increase the likelihood that those endpoints will remain secure even during periods of high security.
Annual Hot 150 Companies. According to a recently published report from The Information Technology Association of America (IATA), only nine of the top 500 companies were not already planning to use the cyber-protection technology that is available to them today. Of those nine companies, more than half are security technology providers. While many of the other companies on the list of Nasdaq’s premier companies did not have cyber protection plans in place, many of the new entrants on the Nasdaq had already begun developing their own private network security to protect their networks.
Ensuring Cybersecurity on Their Endpoints. Many of the companies that are on the Nasdaq are also responsible for ensuring that their endpoints are adequately protected from the threat of a vulnerability or attack. In the case of companies with online operations, these include maintaining application security, scanning websites for known vulnerabilities, and implementing defense measures to defend against such attacks. Some of the companies that participate in the Nasdaq allow customers to download software that automatically performs scanning of webpages that request sensitive information or file types. These applications, when installed on the end-user’s computers, perform a quick scan of the end-user’s computer and retrieve a list of any files that match a certain pattern that indicates an attack.
Ensuring Cybersecurity at the Workplace. For companies like pharmaceutical companies that ship products to customers world-wide, constant security threats on their end-users’ networks represent a very real concern. In order to address this problem, Nasdaq requires that these companies take preventative measures to mitigate the risk of malware infecting company systems, as well as take measures to secure their networks themselves. Some of the best software solutions for end-user network security include those that apply firewalls to prevent hackers from accessing company data. Other types of firewall applications also block viruses, making them good candidates for end-user network security by the corporations that use them.
Machine Learning for Cybersecurity. Some of the biggest challenges that companies face in their efforts to keep their networks secure stem not from hackers looking to exploit the companies’ systems, but from outside attempts. Determining the validity of an IP address, even if the address has been modified, is one of the most difficult aspects of dealing with the issue of end-user and enterprise malware. Enterprising companies are seeking to apply artificial intelligence to solve this problem by allowing machines to look at an IP address, to determine whether it is truly legitimate, and then to either leave the IP alone or to safely remove it so that the network can be protected. Machine learning has the potential to reduce the complexity of some of the most troubling aspects of end-user and enterprise malware, such as APT attacks, command and control attacks, and keyloggers.
Deepak Wadhwani has over 20 years experience in software/wireless technologies. He has worked with Fortune 500 companies including Intuit, ESRI, Qualcomm, Sprint, Verizon, Vodafone, Nortel, Microsoft and Oracle in over 60 countries. Deepak has worked on Internet marketing projects in San Diego, Los Angeles, Orange Country, Denver, Nashville, Kansas City, New York, San Francisco and Huntsville. Deepak has been a founder of technology Startups for one of the first Cityguides, yellow pages online and web based enterprise solutions. He is an internet marketing and technology expert & co-founder for a San Diego Internet marketing company.