Tenable: Economic, Operational and Strategic Benefits of Security Framework Adoption
The book includes insights from the following experts: Alex Wood, PulteGroup, Inc, VP, Information Security/Chief Information Security Officer, Mapping Risk Directly to Framework Controls >> Arlie Hartman, KAR Auction Services, Inc,...
Alex Wood: You Must Recognize Hidden Costs and Hidden Risks
Having more mature security processes in place puts you in a better position to define who’s responsible for what in this extended infrastructure. Any time you collect customer data, regardless of who your cloud provider is, you are still responsible for making sure...
Joshua Danielson: Automated Processes Become Your Configuration Items
First identify business objectives you want to meet by moving to the cloud. This will lead you to the kind of cloud partners you should look for, and the services you need from them. In an on-premises data center you might do a quarterly vulnerability audit. In a...
Jamie Norton: Dynamic Assets Require Continuous Monitoring
Automatic vulnerability scanning is commonly integrated into an agile app development process, but it does not end there. Many apps have built-in controls and self-validation routines. With literally billions of thinly secured connected things plugged into networks...
Russ Kirby: Automate as Many Regularly Occurring Events as Possible
With cloud assets in the infrastructure, you must ensure that service providers are delivering a secure service, and the processes you run there are secure. Whether validating the server image or enforcing proper view and function states, you need to adopt a process...
Michael Capicotto: Protect Modern Assets with Standards and Automation
Businesses can better protect their modern assets by setting standards that apply to a range of technologies and providers. Security automation helps a business keep up with a changing landscape while also increasing its overall security posture. “Security will be...
Paul Heffernan: Lifecycle Data Encryption Is Effective, But It Is Not a Magic Bullet
One strategy that some organizations are increasingly adopting is to focus on following and protecting data as it moves through the changing infrastructure. To gain better visibility into cloud assets, work with your cloud providers to conduct the vulnerability...
John Meakin: Businesses Must Focus on Protecting Information
As businesses place a greater value on maximizing data insights, they must adjust their security focus to protect information, not just infrastructure. Security leaders have an important role to play in crafting a tailored security approach that protects information...
Eric Bedell: Applying a Data-Centric Strategy in a Vast IT Ecosystem
With so many assets moving into the cloud and onto mobile devices, implementing a data-centric security strategy requires more controls built into software. Data-centric security effectively balances the costs of protection against the risk of damage, especially in a...
Antonio D’Argenio: Protecting Modern Assets Requires a Data-Centric Security Posture
Businesses can protect their modern assets by adopting a data-centric security posture. To minimize risk, a business must start thinking about security by design. “The cloud definitely offers more flexibility, but most of the time this flexibility will come with a...
