In order to determine the IT priorities and challenges currently faced by remote office/branch office (ROBO) locations, and how organizations plan to address those challenges, ESG recently surveyed 454 North American senior IT professionals representing midmarket (100 to 999 employees) and enterprise-class (1,000 employees or more) organizations. All respondents worked at headquarters locations or other centralized corporate sites and were responsible for ROBO IT operations and/or strategy, including the delivery of IT services to these locations, authorization of expenditures, or establishment and enforcement of corporate IT policies for remote/branch offices. Respondent organizations were required to have at least two ROBO locations to qualify for the survey.
Many organizations are evaluating a new security model based upon IT risk management best practices. This is a good idea, but not enough for today's dynamic and malevolent threat landscape. To keep up with IT changes and external threats, large organizations need to embrace two new security practices: Real-time Risk Management for day-to-day security adjustments and Real-time Threat Management to detect and remediate sophisticated, stealthy, and damaging security breaches (i.e., Advanced Persistent Threats or APTs).
ESG surveyed security professionals working in the 18 public and private industry sectors designated as “critical infrastructure” by the U.S. Department of Homeland Security. This brief looks at how these organizations are auditing the security processes and procedures of their IT vendors and the extent to which vendor audit results factor in actual procurement decisions. Alarmingly, IT vendor audits frequently remain random, informal, “check-box” activities.
Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s information security service. With over 25 years of technology industry experience, Jon is widely recognized as an expert in all aspects of information security and is often called upon to help customers understand a CISO's perspective and strategies. Recently, Jon has been an active participant with cybersecurity issues, legislation, and technology within the U.S. federal government.
© 2015 by The Enterprise Strategy Group, 20 Asylum Street, Milford, MA 01757 508.482.0188