The book includes insights from the following experts:
- Alex Wood, PulteGroup, Inc, VP, Information Security/Chief Information Security Officer, You Must Recognize Hidden Costs and Hidden Risks >>
- Andy Boura, Thomson Reuters, Senior Information Security Architect, Manage Security as a Shared Responsibility >>
- Antonio D’Argenio, Tech Data, Worldwide IT Security Architect, Protecting Modern Assets Requires a Data-Centric Security Posture >>
- Arlie Hartman, KAR Auction Services, Inc, Information Security Architect, Secure Your Assets, Wherever They Reside >>
- Avinash Tiwari, Ocwen Financial Corporation – US, Senior Manager – Information Security, A Fragmented Ecosystem Challenges a Coherent Security Strategy >>
- Caleb Sima, Capital One, Managing Vice President, Security, Securing Applications Is an Incredibly Complex Task >>
- Carlos Lerma, Beam Suntory Inc, Senior Information Security Architect, Collaboration is Key to Securing a Dynamic IT Environment >>
- Cassio Goldschmidt, Stroz Friedberg, Vice President, Cyber Resilience Practice, Innovative Identity Management Protects Modern Assets
- Chad Lorenc, Keysight Technologies, Sr. Infrastructure Security Architect, A Segmentation Strategy Simplifies Securing Cloud Assets
- Darwin Sanoy, Infor, Senior Cloud Architect, Darwin Sanoy: Risk Management Decisions Must Be Made at the App Development Level >>
- David Carvalho, OCS Group UK, Group CISO, You Must Account for Entirely New Kinds of Risks >>
- Dilip Panjwani, FIS, Director Information Security, Modern Assets Require a Disciplined, Step-by-Step Approach to Security >>
- Eric Bedell, MUFG, Chief Information Security Officer, Applying a Data-Centric Strategy in a Vast IT Ecosystem >>
- Floyd Fernandes, CBS Interactive, Vice President & Chief Information Security Officer, Visibility into Your Entire IT Ecosystem Is Fundamental >>
- Harshal Mehta, Carlson Wagonlit Travel, Senior Director – Information Security, Asia Pacific & EMEA, Securing a Complex Ecosystem Requires a Layered Strategy >>
- Isabel Maria Gomez, Bankia, Group Information Security Manager, Protecting Modern Assets Requires a Proactive Approach >>
- Jamie Norton, NEC Australia, Head of Cyber Security, Dynamic Assets Require Continuous Monitoring >>
- Javed Ikbal, Bright Horizons Family Solutions, Vice President Information Security, Risk Management & Compliance/CISO, Cloud Services Force You to Reconsider Your Risk Model >>
- John Meakin, Burberry, Chief Risk & Security Officer, Businesses Must Focus on Protecting Information >>
- Joshua Danielson, Copart, Chief Information Security Officer, Automated Processes Become Your Configuration Items >>
- Lee Eason, Ipreo, Director of DevOps, Risk Management Decisions Must Be Made at the App Development Level >>
- Lester Godsey, City of Mesa, CISO, Managing Risk Requires New Levels of Visibility >>
- Mannie Romero, Optiv Inc, Executive Director – Office of the CISO, The Leap from Securing Static to Dynamic Assets Is a Management Challenge
- Mark Nicholls, Peabody, Head of Information Security & Governance, Digital Assets Provide Great Benefits, but Also Create Vulnerabilities >>
- Michael Capicotto, Two Sigma, Cloud Security Architecture, Protect Modern Assets with Standards and Automation >>
- Paul Heffernan, Unipart Group, Group Chief Information Security Officer, Lifecycle Data Encryption Is Effective, But It Is Not a Magic Bullet >>
- Rory Alsop, Royal Bank of Scotland, Head of Information Security Oversight, Shifting to Software Driven Data Protection >>
- Russ Kirby, Creditsafe, CISO, Automate as Many Regularly Occurring Events as Possible >>
- Scott Estes, Dycom Industries, Inc., Director – IT Infrastructure and Security, Maintaining a Love/Hate Relationship with Modern Assets
Reducing Cyber Exposure from Cloud to Containers was generously sponsored by Tenable.
When it comes to IT infrastructure, it’s fair to say that the perimeter has left the premises. In fact, the perimeter has mostly disappeared. But what exactly does that mean? Research by Skyhigh Networks1 finds that the average organization uses 1,427 cloud services, but only 8.1% of them meet enterprise security and compliance requirements, and file sharing company Egnyte published data2 showing that 89% of companies now allow personal devices to connect to corporate networks. Most analysts agree there are billions of connected IoT devices in use today, a number that is rapidly growing, yet there is no standard for securing them. Security professionals face a rapidly changing IT landscape, one that is crowded with new types of dynamic IT assets. We decided to learn more about how they are adapting their strategies to meet these challenges. With the generous support of Tenable, we asked 29 cyber security experts the following question:
How have modern assets like cloud instances, web-based applications, mobile devices, application containers, and others affected your security and risk management program?
It’s a big question that lead to fascinating discussions and different perspectives from a variety of industry segments. Several themes emerged: more collaboration between security and app developers; growing emphasis on continuous scanning and detection; and some industries placing more emphasis on data-centric security strategies. These essays are loaded with fresh insights into areas of security and risk management that are becoming more challenging and more critical to healthy business operations. Whether you are a security professional, a software engineer, or a business leader, I have no doubts you will find
these essays useful and thought provoking.