cerrar
cerrar
Su red del mañana
Su red del mañana
Planifique su camino hacia una red más rápida, más segura y más resistente diseñada para las aplicaciones y los usuarios a los que da soporte.
          Descubra Netskope
          Ponte manos a la obra con la plataforma Netskope
          Esta es su oportunidad de experimentar de primera mano la Netskope One plataforma de una sola nube. Regístrese para participar en laboratorios prácticos a su propio ritmo, únase a nosotros para una demostración mensual del producto en vivo, realice una prueba de manejo gratuita de Netskope Private Accesso únase a nosotros para talleres en vivo dirigidos por instructores.
            Líder en SSE. Ahora es líder en SASE de un solo proveedor.
            Líder en SSE. Ahora es líder en SASE de un solo proveedor.
            Netskope debuta como Líder en el Cuadrante Mágico™ de Gartner® para Single-Vendor SASE
              Protección de la IA generativa para principiantes
              Protección de la IA generativa para principiantes
              Descubra cómo su organización puede equilibrar el potencial innovador de la IA generativa con sólidas prácticas de seguridad de Datos.
                Prevención de pérdida de datos (DLP) moderna para dummies eBook
                Prevención moderna de pérdida de datos (DLP) para Dummies
                Obtenga consejos y trucos para la transición a una DLP entregada en la nube.
                  Libro SD-WAN moderno para principiantes de SASE
                  SD-WAN moderna para maniquíes SASE
                  Deje de ponerse al día con su arquitectura de red
                    Entendiendo dónde está el riesgo
                    Advanced Analytics transforma la forma en que los equipos de operaciones de seguridad aplican los conocimientos basados en datos para implementar una mejor política. Con Advanced Analytics, puede identificar tendencias, concentrarse en las áreas de preocupación y usar los datos para tomar medidas.
                        Los 6 casos de uso más convincentes para el reemplazo completo de VPN heredada
                        Los 6 casos de uso más convincentes para el reemplazo completo de VPN heredada
                        Netskope One Private Access es la única solución que le permite retirar su VPN para siempre.
                          Colgate-Palmolive Salvaguarda su "Propiedad Intelectual" con Protección de Datos Inteligente y Adaptable
                          Colgate-Palmolive Salvaguarda su "Propiedad Intelectual" con Protección de Datos Inteligente y Adaptable
                            Netskope GovCloud
                            Netskope logra la alta autorización FedRAMP
                            Elija Netskope GovCloud para acelerar la transformación de su agencia.
                              Hagamos grandes cosas juntos
                              La estrategia de venta centrada en el partner de Netskope permite a nuestros canales maximizar su expansión y rentabilidad y, al mismo tiempo, transformar la seguridad de su empresa.
                                Soluciones Netskope
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) proporciona a los clientes potentes herramientas de integración para aprovechar las inversiones en su postura de seguridad.
                                  Soporte técnico Netskope
                                  Soporte técnico Netskope
                                  Nuestros ingenieros de soporte cualificados ubicados en todo el mundo y con distintos ámbitos de conocimiento sobre seguridad en la nube, redes, virtualización, entrega de contenidos y desarrollo de software, garantizan una asistencia técnica de calidad en todo momento
                                    Vídeo de Netskope
                                    Netskope Training
                                    La formación de Netskope le ayudará a convertirse en un experto en seguridad en la nube. Estamos aquí para ayudarle a proteger su proceso de transformación digital y aprovechar al máximo sus aplicaciones cloud, web y privadas.

                                      Why Risk Doesn’t Need to Be a Four Letter Word

                                      Apr 20 2023

                                      Risk used to be a word thrown around as if it could be defined generally and, once defined, consistently applied to all business and technology use cases. This didn’t work out so well for customers, CISO’s, or vendors. Risk was a “four-letter-word” and it fell out of common use. 

                                      Happily, the technology that underpinned quantifying cybersecurity risk has come a long way. Now many vendors take advantage of machine learning algorithms to understand normal versus abnormal behavior. This has led to more reliable, actionable indicators than another thousand alerts and has set the stage for bringing quantified risk back into the limelight. More importantly, the underlying assumption of ONE definition for risk has also evolved—risk context, we increasingly say, is king. 

                                      Tools like Netskope Cloud Risk Exchange (CRE) have given practitioners the means to leverage many signals to create a customizable set of rules around individual, combination, or normalized aggregate risk levels associated with users, devices, and applications. Even better, frameworks like Shared Signals and Events by OpenID and its associated Continuous Authentication Evaluation Protocol give vendors means for passing the context of their risk scores. Without that, each vendor only knows why a score changed through its own lens—but with multiple context sources, ISVs can start making decisions to change their own scores based on OTHER systems’ findings.

                                      So now the identity provider detecting a bad guy attempt to brute force login to OneDrive can tell the endpoint security vendor that the user is suspect and why, the endpoint vendor can tell the cloud vendor that the problem appears to be associated with a high risk (compromised device), and the cloud vendor can tell both that the user and device started acting strangely during the last full moon and hasn’t changed since. Additionally observing the user has started using a number of other high-risk, privacy unfriendly applications in the interim. Rather than sorting through thousands of alerts or millions of signals, the vendors can leverage all the processing power each has brought to bear to share the findings and then the customer can take action as appropriate. Then every participating IT/security vendor can support creating or invoking dynamic rules to change user and/or device access or authentication requirements in response to the big picture of risk, as customized for each organization’s risk management practices. 

                                      Nearly every Netskope technology partner has some way to change policy or move users in response to indicators, to correlate and trigger that change. 

                                      Consider a group of insurance companies sharing risk information about an often impaired driver operating a poorly maintained car. They know that driver and car combination is dangerous, it is just a matter of time before there is a collision, so they raise their rates to reduce their risk. The downside of this model is that they don’t have visibility into whether the driver is impaired right now or if they’re currently in a car with faulty brakes.

                                      So vendors are moving towards a continuous validation of risk in real time. As it is being implemented, this form of check-in “is the driver impaired RIGHT now?” or “is the device trusted RIGHT now?” is being performed before access is granted. Netskope’s adaptive risk engine can facilitate this—even going so far as to pause the session to validate risk before allowing the user to resume engaging in a potentially risky Internet activity. These controls dial risk to be commensurate with trust without waiting for a timer to catch-up to the danger. 

                                      By using tools like Cloud Risk Exchange users are able to leverage both kinds of risk, lagging risk and real-time risk calculations, context, and policy responses, to make the modern workplace safer for all according to the business needs of each. All while exchanging risk insights with partners like Crowdstrike, Mimecast, SecurityScorecard, BitSight, Okta, and ServiceNow. Risk no longer can be used as a four letter word, but as a word that can have quantifiable insights and action thanks to CRE.

                                      To learn more about CRE, its parent platform Cloud Exchange, and Netskope and its adaptive risk controls—or about any of our other “risk-aware” partners—come join us at booth #S842 at RSA 2023 in San Francisco on April 24-27, 2023.

                                      author image
                                      James Robinson
                                      James Robinson is a seasoned professional with over 20 years of experience in security engineering, architecture, and strategy.
                                      James Robinson is a seasoned professional with over 20 years of experience in security engineering, architecture, and strategy.
                                      author image
                                      David Willis
                                      David is an experienced business, security, and technology leader with over 20 years across telecommunications, financial services, and software industry verticals.
                                      David is an experienced business, security, and technology leader with over 20 years across telecommunications, financial services, and software industry verticals.

                                      ¡Mantente informado!

                                      Suscríbase para recibir lo último del blog de Netskope