The book includes insights from the following experts:
- Eric Bedell, MUFG, Chief Information Security Officer, Applying a Data-Centric Strategy in a Vast IT Ecosystem >>
- Antonio D’Argenio, Tech Data, Worldwide IT Security Architect, Protecting Modern Assets Requires a Data-Centric Security Posture >>
- David Carvalho, OCS Group UK, Group CISO, You Must Account for Entirely New Kinds of Risks >>
- Isabel Maria Gomez, Bankia, Group Information Security Manager, Protecting Modern Assets Requires a Proactive Approach >>
- Russ Kirby, Creditsafe, CISO, Automate as Many Regularly Occurring Events as Possible >>
- Paul Heffernan, Unipart Group, Group Chief Information Security Officer, Lifecycle Data Encryption Is Effective, But It Is Not a Magic Bullet >>
- John Meakin, Burberry, Chief Risk & Security Officer, Businesses Must Focus on Protecting Information >>
- Mark Nicholls, Peabody, Head of Information Security & Governance, Digital Assets Provide Great Benefits, but Also Create Vulnerabilities >>
- Rory Alsop, Royal Bank of Scotland, Head of Information Security Oversight, Shifting to Software Driven Data Protection >>
Reducing Cyber Exposure from Cloud to Containers was generously sponsored by Tenable.
When it comes to IT infrastructure, it’s fair to say that the perimeter has left the premises. In fact, the perimeter has mostly disappeared. But what exactly does that mean? Research by Skyhigh Networks1 finds that the average organization uses 1,427 cloud services, but only 8.1% of them meet enterprise security and compliance requirements, and file sharing company Egnyte published data2 showing that 89% of companies now allow personal devices to connect to corporate networks. Most analysts agree there are billions of connected IoT devices in use today, a number that is rapidly growing, yet there is no standard for securing them. Security professionals face a rapidly changing IT landscape, one that is crowded with new types of dynamic IT assets. We decided to learn more about how they are adapting their strategies to meet these challenges. With the generous support of Tenable, we asked 29 cyber security experts the following question:
How have modern assets like cloud instances, web-based applications, mobile devices, application containers, and others affected your security and risk management program?
It’s a big question that lead to fascinating discussions and different perspectives from a variety of industry segments. Several themes emerged: more collaboration between security and app developers; growing emphasis on continuous scanning and detection; and some industries placing more emphasis on data-centric security strategies. These essays are loaded with fresh insights into areas of security and risk management that are becoming more challenging and more critical to healthy business operations. Whether you are a security professional, a software engineer, or a business leader, I have no doubts you will find
these essays useful and thought provoking.