Enemies Inside the Gates
Cautionary tales of Internet hackers extraordinaire and other dangers lurking in the Web forest have led us down the path of constructing steel doors in open fields. The emphasis has been on the doors, rather than on what they are protecting. Truth No. 2: We must become less perimeter-centric and more asset-centric, because the reality is we can't protect it all.
Without a firm grasp of what we're guarding, where it resides and how valuable it is, how can we hope to quantify necessary levels of protection, much less achieve them? Without open lines of communication between IT and business units, how can security teams quantify the true threat to digital assets?
Unfortunately, when it comes to assets, the problem lies with both the business and security teams: most business operators know little about infosec, and infosec practitioners know little about the business. Without a better understanding on both sides, common ground will not be found.
In a cost-conscious economy, organizations don't need more expensive security controls; they need more effective ones. It's time to regroup, re-evaluate, and make 2003 the year holistic strategies take center stage.
Infosec Triage