Don't miss our upcoming Network Computing virtual event on Connectivity Solutions - Secure Your Complementary Seat Now!
 |
||||
|
|
Introduction
Security
|
|
|
|
||||
Compliance ... zero-day vulnerabilities ... the business case for security ... policy, policy and more policy! You can't turn around without bumping into one of these topics. They're important issues, but they're not the best drivers for security-related deployments.
Let's face it: There are few business cases for security other than avoidance--specifically risk, attack and litigation avoidance. You need processes and products that solve the problems you face every day. Security budgets aren't growing by leaps and bounds. In fact, many organizations' compliance dollars are going for audits, re-engineering projects and consultants.
|
|
The winners in this year's Well-Connected Security category address some of the avoidance concerns. Common best practices dictate the deployment of firewalls, and today's appliances go beyond stateful packet filtering, with the ability to block traffic in the application layer. For example, Juniper Network's NetScreen ISG 2000 with IDP, winner in the Enterprise Firewall category, ferreted out and blocked malicious traffic even under our tests' high load. Small-office and branch locations require similar protection, but more important is integration of multiple functions on a single appliance. Here, WatchGuard Technologies' Firebox X2500 shines.
Get the Picture (Then Use It)
Compliance is really a process issue: an opportunity to get your house in order. Build a security policy, implement management processes and get a handle on your risk posture. One of the critical compliance areas is data gathering and reporting. Auditors need a complete picture of your IT infrastructure to assess the effectiveness of your implemented controls. However, you probably don't need to purchase "compliance products." Your IT unit most likely has the information and tools at its fingertips to gather more than enough data. The challenge is aggregating that information and then doing something useful with it.
With the move to the cloud, CISOs must shift priorities from operating security programs to overseeing (monitoring and auditing) outsourced cybersecurity programs.
2022 was a boon year for IT salaries. 2023 came in like a beast with layoffs, raise freezes, and ChatGPT, but that beast has few teeth.
Age is only a number. Don't let a high number cancel your career.
