The biggest shift in
the industry is that we need to move beyond thinking of security as a set of
extra steps, processes, or systems built around our computing environment. As
computing becomes more pervasive and embedded, often unseen, in our daily
lives, we need to design holistic approaches to security that match the way we
live and work.
It’s
an exciting time to be in the security industry. There won’t be just one single
answer or solution. Many players will be involved in a holistic, systems-based
approach to security. And the environment will continue to evolve, as endpoints
expand and innovative new technologies enter both our business and personal lives.
Security practitioners and developers will be challenged to be innovative and
collaborative in adapting to the constantly evolving threat environment.
Applications: Security
isn’t something that can be tacked onto an application at the end of its development.
Even in an environment with significant time-to-market pressures, application
developers need to be part of the holistic approach to security, delivering
vulnerability free software that considers the implications of sensitive and/or
regulated data.
People: The
boundaries between personal and professional online activities and identities
are blurring. Corporate security measures must accept this reality and support
people with everything from online identity controls to simplified, embedded
processes, making secure computing as easy and transparent as possible.
Layered defenses,
but across multiple dimensions
Despite what any security vendor may wish you to believe, there’s no single way to secure either your personal data and identity or corporate systems and data. While layered defenses have been a best-practice in corporate security for many years, in today’s increasingly complex security environment we need to expand our thinking to layers across many dimensions. Specifically, security requires holistic approaches that span people, infrastructure, data, and applications.
Despite what any security vendor may wish you to believe, there’s no single way to secure either your personal data and identity or corporate systems and data. While layered defenses have been a best-practice in corporate security for many years, in today’s increasingly complex security environment we need to expand our thinking to layers across many dimensions. Specifically, security requires holistic approaches that span people, infrastructure, data, and applications.
0 comments:
Post a Comment