Published By: Symantec
Published Date: Jul 11, 2017
The technology pendulum is always swinging. And chief information security officers must be prepared to swing with it—or get clocked. A look at recent history illustrates the oscillating nature of technology. In the 1980s, IBM mainframes dominated the landscape. In the ’90s, client-server computing came on the scene and data was distributed on personal computers. When the Web assumed predominance, the pendulum started to swing back to a centralized server. Then, just as quickly, mobile took the lead, with apps downloaded to workers’ devices—the new client server. Now, as mobile devices continue to populate the enterprise at a rapid rate, the IT model is changing again—to the provisioning of information on a just-what’s-needed, just-in-time basis from centralized servers consolidated in the cloud. The pendulum continues to swing and IT workloads are moving to the cloud en masse.
Un nuovo modello di sicurezza che vale la pena di studiare, e di imitare.
La sicurezza enterprise si basa, tradizionalmente, su una strategia che blocca gli endpoint degli utenti e posiziona la rete all'interno di una sorta di perimetro fortificato. Oggi, questa strategia non è in grado di supportare né proteggere l'uso di device mobile e le funzionalità SaaS, che esistono al di fuori di quel perimetro. Di conseguenza, i Chief Information Security Officer (CISO) sono alla ricerca di soluzioni nuove, in grado di tutelare queste tecnologie e di adattarsi al modificarsi di minacce ed esigenze di business.
Un nouveau modèle de sécurité qui mérite d’être étudié... et reproduit.
Traditionnellement, la sécurité des entreprises a toujours été fondée sur une stratégie de « forteresse », chargée de sécuriser les terminaux utilisateur et de former une barrière de protection autour du réseau. Aujourd’hui, cette stratégie n’est pas en mesure de supporter ou de sécuriser l’utilisation des périphériques mobiles et des fonctionnalités SaaS, qui existent en-dehors de la forteresse. Les responsables de la sécurité des informations (CISO, Chief Information Security Officer) sont donc tenus de trouver de nouvelles solutions à même de sécuriser ces technologies actuelles, et de s’adapter aux menaces et aux besoins métier en évolution.
Atrius Health Chief Information Security Officer Chris Diguette oversees security for Atrius Health, the largest physician-led healthcare provider in the northeastern US. The organization is recognized nationally for its use of health information technology. Diguette is also CIO of the VNA Care Network, a home healthcare provider and subsidiary of Atrius Health. As CISO, Diguette and his team work to implement and maintain a security infrastructure
that safeguards the organization’s critical health information systems and applications, such as its Epic Systems Electronic Medical Records (EMR) system and the personal data of more than 675,000 patients at 29 facilities in eastern and central Massachusetts.
Ein neues Security-Modell, das Sie verstehen und nachahmen sollten.
Die Security in Unternehmen ähnelte bisher einer Festungsstrategie, die Anwenderendpunkte abschottete und Mauern um das Netzwerk baute. Heutzutage kann diese Strategie die Nutzung von Mobile Devices und SaaS-Funktionen (Software-as-a-Service), die sich außerhalb der Festung befinden, nicht mehr unterstützen. Daher haben sich Chief Information Security Officers (CISOs) nach neuen Lösungen umgesehen, die diese Technologien heute sichern können und die sich einer Zeit anpassen, in der sich sowohl Bedrohungen als auch Unternehmensanforderungen verändern.
In this exclusive Security Leadership Series eBook, Citrix chief information security officer Stan Black and chief security strategist Kurt Roemer share best practices for leading meaningful security discussions with the board of directors.
Published By: SilverSky
Published Date: Apr 16, 2013
A SilverSky study of 200 U.S. chief information officers and senior level security decision-makers were found that nearly all (97 percent) of respondents indicate their confidence level in the cloud has either increased or stayed the same in the past 12 months. The Silver Lining report provides insights into cloud behavior. Download the report now and see how your peers are feeling about moving to the cloud.
If businesses are recognizing the need for a dial-tone approach to establishing “data utility” services for meeting user expectations for data accessibility, availability and quality, it is incumbent upon the information management practitioners to ensure that the organization is properly prepared, from both a policy/process level and a technology level.
Enterprise chief information security officers (CISOs) are seeking ways to leverage existing security
investments to bridge the divide between largely siloed security systems. The focus is on reducing
the number of consoles needed to manage the security infrastructure. Network security vendors have
a significant role to play in bridging the communication gap between these systems. The creation of a
unified defense architecture enables threat data exchange between existing security systems. It helps
automate the process of raising an organization's security posture when a security infrastructure
component detects a threat.
The following questions were posed by Fortinet to Robert Ayoub, program director in IDC's Security
Products program, on behalf of Fortinet's customers.
Forrester Consulting was commissioned to conduct a Total Economic Impact™ (TEI) study to examine the potential return on investment (ROI) enterprises may realize by deploying Cylance's advanced threat protection solution, CylancePROTECT®, and its deployment and configuration services, ThreatZero™. The study aims to provide readers with a framework to evaluate the potential financial impact of CylancePROTECT and ThreatZero on their organizations, which will improve customer success with advanced cybersecurity and antivirus protection solutions. To better understand the benefits, costs, and risks associated with an investment in Cylance, Forrester interviewed the Chief Information Security Officer for a Large State County Government, who has used the solutions for over a year. Cylance provides a new-generation, predictive, cybersecurity, and malware prevention solution that leverages artificial intelligence to prevent malware from executing on endpoints in real time. This is usually implemented with ThreatZero, which is a continuous professional service program rendered by Cylance for users of CylancePROTECT. ThreatZero guides through the planning, implementation, integration, and ongoing optimization of the solution. This often includes end user education, training, and support to totally eliminate endpoint threats and incidents. With CylancePROTECT and ThreatZero, the organization was able to reduce security breaches to almost zero, catching malware before it ever gained access to public records. Relative to their previous endpoint protection, this significantly reduced costs from remediation/reimaging and incidence response. Additionally, IT and security employees’ productivity were boosted. Read more in the full TEI report.