Security is like a car
It needs to have airbags and seatbelts built in. By Alan Schimel, CSO of StillSecure.
Much like the Department of Transportation has regulated that simple safety measures such as seatbelts are a required standard in all vehicles, organizations like The PCI Security Standards Council are stepping up to ensure that all networks are safer after one too many security tragedies have occurred. To help with compliance, security is becoming an integrated component of the network infrastructure, rather than an afterthought.
Security is like a cheese grater
Never mind the holes, protect the data. By Amrit Williams, CTO, BigFix.
There's no way to create a big, thick perimeter when your corporate LAN extends to Starbucks. The endpoint is the new perimeter. 'Hard on the outside' no longer works, especially when you have to open your networks up to 'millennials,' young workers who are accustomed to using their iPhones. Today, corporate security looks like a cheese grater, with lots of holes. What becomes important is protecting data.
Security needs to think on its own
It needs to be able to react and respond to changing scenarios. By Art Coviello, President, RSA, The Security Division of EMC.
Traditional information security can often feel like something out of a Dirty Harry movie. At a time when one wrong click can jeopardize identities and livelihoods, users of all stripes are confronted every day with those cryptic dialog boxes that ask, "Are you sure?" This is the technology-equivalent to: "Do you feel lucky? Well, do ya, punk." Of course, it shouldn't be that way. There is a clear need to think differently about information security: to consider it as an enabler that must be built-in, rather than bolted-on; that accelerates business rather than stifling it. Looking further ahead, it will be critical for security to be able to evaluate changing scenarios and then adapt and respond to them. This will engender security mechanisms that can understand information and safeguard it intelligently. We call this 'Thinking Security': security that draws on established knowledge and surrounding context to make informed decisions.