RESEARCH ON THE IMPACT OF CYBERSECURITY TOOLS INTEGRATION ON THE SECURITY OF AN ORGANIZATION’S IT INFRASTRUCTURE

Authors

DOI:

https://doi.org/10.35546/kntu2078-4481.2025.2.2.29

Keywords:

cybersecurity, IT infrastructure, security tools integration, multilayered protection, NGFW, EDR, SIEM, PAM, IAM, MDM, access management, incident response

Abstract

The article addresses the pressing issue of ensuring cybersecurity in the context of increasing numbers of complex and multi-vector attacks on corporate IT infrastructures. It substantiates the need to transition from isolated security tools to a comprehensive, integrated approach that ensures the interaction between NGFW, EDR, SIEM, PAM, IAM, and MDM. It is noted that a significant portion of security breaches is caused by insufficient coordination between cybersecurity components, which hinders the early detection of complex attacks. Based on the analysis of current research and statistical data, typical vulnerabilities of IT systems, key attack vectors, and weaknesses in current security management practices are examined. An architectural model of multi-layered protection is proposed, enabling the creation of a unified information environment for correlating threat data, managing access, and providing real-time incident response. Special attention is given to the practical impact of integrated systems on enhancing infrastructure protection, reducing threat detection time, and improving incident response efficiency. The article also emphasizes the improvement in IT department productivity through the automation of routine tasks and centralized security management. Recommendations are proposed for implementing an integrated cybersecurity model that takes into account the current needs of organizations and the requirements of standards such as ISO/IEC 27001 and the NIST Cybersecurity Framework. The results of the study are valuable for IT managers, cybersecurity professionals, and organizational leadership seeking to strengthen their information security. The impact of technological integration on reducing human factor involvement in incident response and establishing a secure digital environment is separately highlighted.

Published

2025-06-05