As more and more companies pursue digital transformation – all but a necessity in the increasingly online world of business – web security has become more important than ever.
Businesses need to guard their networks against threats from compromised or malicious pages, and at the same time, they need to defend their own websites.
Take for example the Ticketmaster data breach, which was enabled by the compromise of code belonging to third-party Inbenta. Subsequent investigations found that the hack was part of a vast card-skimming operation affecting over 800 e-commerce websites worldwide. It’s even been suggested that the British Airways hack may have been part of the same operation, or at least have been achieved through similar means.
These incidents demonstrate both aspects of the web security risk. It’s not just dodgy video streaming sites or pages created by amateurs that pose a threat – the websites of well-known, trusted companies aren’t guaranteed to be any safer. Many of these websites serve B2B clients, and employees will need to use them and enter company information into them.
Equally, the Ticketmaster example in particular demonstrates that if it’s your data or your customers’ data which is lost, even if the breach occurs because a third party rather than your own systems are compromised, you will suffer the consequences.
So who do the UAE’s CISOs consider most effective at defending against these risks?
Symantec was voted most effective in this category – and as in the email security and endpoint security categories, it stood out by a considerable margin, in this case winning 21% of the vote.
Interestingly, as in the email and messaging security category, many of Symantec’s votes were for products created through acquisition of existing companies. In this case, two thirds of Symantec voters referred specifically to Blue Coat Systems, which was acquired by Symantec in 2016.
Turning to other providers, F5 Networks also stood out in this category, taking a very respectable second place with 14% of the vote. Other nominees to do particularly well included Fortinet, McAfee, Zscaler and Forcepoint.
One thing we noticed here was that while some of the providers nominated were ‘generalist’ vendors (such as Fortinet and McAfee), this category saw a greater number of ‘specialist’ vendors or products mentioned, and also a greater number of specialist areas – for example, some were specifically providers of VPN services, while others were particularly focused on cloud or application security.