Data and Identity: Two New Security Perimeters

CISOs tend to spend the bulk of their cybersecurity technology budgets on endpoint, server, and network security controls. This makes sense from a historical perspective, but these IT assets are in a state of flux today. Endpoints are often mobile devices rather than Windows PCs, while servers are virtual or cloud-based workloads. Meanwhile, networks are also moving to a virtual model composed of public and private network segments.

Topics: Cybersecurity identity data security encryption

Why Would Businesses Embrace Facebook at Work?

There are two primary reasons that Facebook could become attractive for a corporate business environment:

Topics: identity

The Two Cornerstones of Next-Generation Cybersecurity (Part 1)

Every CISO I speak with tells a story fraught with common anxiety about the future of information security. As the world becomes more mobile, consumer-centric, and cloud-based, IT gets more distributed and complex while the IT department has less and less control. This presents a real conundrum for security professionals who’ve been trained to seize control and lock down as much as they can.

So what should CISOs do to address the “shadow IT” dilemma? As IT loses control of some of its traditional assets, my suggestion to CISOs is to double-down on security controls and oversight for the things they still own. In my humble opinion, there are two key areas to focus on: Sensitive data and identity. Everything else – applications, endpoints, networks, and servers – must kowtow to these two cornerstones and enforce specific data security and identity policies.

Topics: Data Management & Analytics Information and Risk Management Enterprise Software Security and Privacy cyber security next-generation cybersecurity applications identity