The biggest eye-opener in Gartner's recently published study on the current
agenda regarding the digital landscape for Chief Information Officers is that
CIOs recognize that cloud computing will not only be a significant part of
the future, but that their own roles and behavior need to be updated to
survive in the modern enterprise.
“CIOs will have to develop new IT strategies and plans that go beyond the
usual day-to-day maintenance of an enterprise IT infrastructure….
technologies provide a platform to achieve results, but only if CIOs adopt
new roles and behaviors to find digital value.”
Most CIOs recognize that the future of enterprise IT lies not with sitting and
writing code and patching servers, but rather one of strategic development
and as an integrator of business goals: riding the sea change from a person
plugging in cables to an analyst; from a compiler ... (more)
Users are making it too easy for hackers.
If we take a closer look at the 6.5 million hashed LinkedIn passwords that
leaked, we find a large swath of the user population is ignoring warnings of
overly simplistic and obvious passwords. Would you believe the most common
word or phrase found in a 160K sampling of the list was “link”? And would
you further shake your head in disbelief that “1234” and “12345”
followed close behind? Rounding out the top 10 were “work,” “god,”
“job,” “angel,” “the,” “ilove,” and “sex.”
More so than Facebook, LinkedIn is the social media of choice for bu... (more)
In my experience there are two types of enterprise IT departments: those that
maintain the status quo and those looking to continuously explore and
It is truly unfortunate how many fall into the former category. But the
problem with IT security is that it's an ever-evolving and moving target. So
the decision to not dip your toe in the water and understand all available
options could mean the difference between a panicked 3am call regarding a
breach alert or a good night’s sleep.
I realize this is an overgeneralization, and oftentimes the decision to
“stay the course”... (more)
I spend a great deal of my day thinking about security. How it affects the
enterprise; how to best position and protect assets. How it shapes risk
management and how it delivers potential benefits through smoother
operations, enhanced trust and loss prevention.
At its core, security is about risk versus reward. It’s no great secret
that many executives look at security as a cost center. Compounded by the
requirements of compliance, the expansion of technology, and the nature of
the modern enterprise, no one doubts the need to secure the enterprise…but
to what degree? Securing yo... (more)
What is it your mom used to say? “A watched pot never boils.” This might
be true, but a watched pot also never spills; it never allows your younger
sister to stick her hand in the hot water; prevents Uncle Jack from tasting
before dinner is ready; and if something unforeseen happens, there is time to
mitigate the problems.
One of the established best practices in InfoSec is monitoring. People,
products and companies get paid a great deal of money and expend a great deal
of resources to watch pots. Monitoring is simply the central component of any
security initiative. If you don’... (more)