Intelligent CISO Issue 47 | Page 75

and CIS Top are currently favoured because they are generally considered more business-friendly.
Only a year ago, awareness of these frameworks was practically non-existent outside of an organisation’s security function. Today, however, it is more common to hear even C-level executives discussing the security standards they are endeavouring to meet.
We expect to see these standards become more tightly integrated into ways of doing business. For example, where company A wants to utilise company B’s services, they may ask company B to undertake a third-party risk assessment that includes portions of these frameworks. The message is effectively: meet security best practice or we won’t connect with you or integrate with your services.
Multi-layered approaches will become the pinnacle of best practice
When organisations undertake reviews and test their alignment to the security standards and frameworks, it quickly becomes apparent that more work is needed to increase levels of protection.
In my mind, the adoption of multi-layered approaches to security goes hand-in-hand with the increased use of these frameworks.
Multi-layering isn’t about the number of tools an organisation has. Instead, it’s about understanding the spectrum of threats and risk levels and creating security processes to effectively mitigate them. It’s an approach to securing the organisation and one that, more often than not, leads an organisation down the path of Modern Management.
Modern Management will come into its own
I spent much of 2021 talking about Modern Management and there’s a good reason for that: 80% of the projects that we undertook this year were centred around Modern Management. There’s no reason to believe that level of interest won’t continue.
Modern Management is an umbrella term for a collection of strategies, services and software that is designed to help businesses to deploy and manage assets in the ‘new world’. It can be used to protect employees and the devices and systems they are logged into, regardless of what they are doing, where they are doing it from and what they’re working on.
It also ensures that all people and devices requesting authorisation to connect to an organisation’s network or applications meet appropriate security standards before they can log in, and that they can then access only resources that are appropriate to their level and associated permissions.
To some extent, organisations may still be refining what work in 2022 looks like. We see organisations recruiting for fully remote workers who will rarely, if ever, attend an office. We also see employees prioritising flexibility over more conventional workplace benefits. With so many future ways of working still up for negotiation, organisations will need to adapt their approach to Modern Management as well. It may have gotten them this far but will require changes to fit with what the workplace of 2022 will look like.