Mark D. Nicholls, Head of Information Security & Governance, Peabody

Digital Assets Provide Great Benefits, but Also Create Vulnerabilities

  • Embed security at every level of the organization and rely on cooperation and good training to supplement a small team.
  • Work with development teams throughout the development process to remediate problems and  incorporate other compensation controls.

“We’ve gone through a process of maturing our IT lifecycle here so that security is embedded right from the start as part of the design process.”

As head of information security and governance at Peabody, one of London’s oldest and largest housing providers, Mark Nicholls is responsible for keeping all the private data the nonprofit accumulates safe and secure. This is a unique challenge, as residents expect easy access to housing information and transactions through multiple devices and applications. Though Nicholls is realistic about the vulnerabilities that can result from assets such as Web apps, mobile devices and the internet of things, he sees the tremendous value those can provide. “From my perspective I see the new stuff that’s coming along as being of great benefit,” he says. “It’s something that we can’t be cavalier about and just say, ‘no, stop, we’re not doing this because of x vulnerabilities, x security concerns, et cetera. But we need to be very acutely aware of the threats these assets do bring just by the sheer nature of the devices.”

This is an excerpt from Reducing Cyber Exposure From Cloud to Containers. The eBook was generously sponsored by Tenable.