The biggest eye-opener in Gartner's recently-published study on the current
agenda regarding the digital landscape for Chief Information Officers is that
CIO’s recognize that cloud computing will not only be a significant part of
the future, but that their own roles and behavior need to be updated to
survive in the modern enterprise.
“CIOs will have to develop new IT strategies and plans that go beyond the
usual day-to-day maintenance of an enterprise IT infrastructure….
technologies provide a platform to achieve results, but only if CIOs adopt
new roles and behaviors to find digital value.”
Most CIOs recognize that the future of enterprise IT lay not with sitting and
writing code and patching servers, but rather one of strategic development
and as an integrator of business goals: riding the sea change from a person
plugging in cables to an analyst; from a compiler ... (more)
In a recent blog post, Art Coviello, the executive chairman at RSA, posed an
important question. How do we move from traditional security to
intelligence-driven security? In his answer he described that the quickly
interdependent exchanges between parties (B2C, B2B, B2P, etc) have grown
beyond the traditional means of securing the enterprise:
“IT organizations have continued to construct security infrastructures
around a disintegrating perimeter of increasingly ineffective controls.”
He described a new-model of cyber-security that includes five concepts:
A thorough understanding o... (more)
Does this sound familiar? Ann, sitting at her desk eating lunch, is surfing
the Net. She checks her personal Yahoo email account and sees a message from
a purported survey company asking her about her music preferences. She opens
the email and takes the survey. Seems harmless enough, but what Ann doesn’t
know is that this survey company doesn’t exist and embedded in some of the
survey prompts hides an undetected botnet that downloaded onto her desktop.
This nasty bugger can record her keystrokes and take screen shots as she
navigates through your network. Now some unauthorized en... (more)
While trawling the blogs, feeds and news I came across an analyst’s article
about best security practices in which he kept referring to “the stack.”
And by this, he meant a multitude of various solutions that address certain
security needs and capabilities; everything from email filtering,
firewalling, authenticating, credentialing, logging and intrusion detection,
etc...
And, if you read my blogs often enough, you know I am a big proponent of
unified security. However, unified security is not a stack. It is easy to be
confused as both look to utilize best of breed tools to prev... (more)
What is it your mom used to say? “A watched pot never boils.” This might
be true, but a watched pot also never spills; it never allows your younger
sister to stick her hand in the hot water; prevents Uncle Jack from tasting
before dinner is ready; and if something unforeseen happens, there is time to
mitigate the problems.
One of the established best practices in InfoSec is monitoring. People,
products and companies get paid a great deal of money and expend a great deal
of resources to watch pots. Monitoring simply is the central component to any
security initiative. If you don’... (more)
With more than 32 years of experience in information technology, and an extensive and successful entrepreneurial background, Kevin Nikkhoo is the CEO of the dynamic security-as-a-service startup Cloud Access. CloudAccess is at the forefront of the latest evolution of IT asset protection--the cloud.
Derek Granath
Tom Flynn
Patrick Pushor
Bob Evans
