Closing thoughts following Les Assises de la Sécurité
by Clare Ward
There were intense discussions at this year's Les Assises de la Sécurité in Monaco (Oct 2-5, 2013), as security experts from across Europe debated the latest security trends.
Omar Khawaja, Verizon's global managing principal, security solutions, led Verizon's contribution, pointing out that enterprises need to transition away from the idea of security as a mere set of tools, and instead need to adopt a complete, business-critical, risk- (and evidence-) based strategy.
Most organizations today have some form of security in place to protect business-critical information. The traditional way of protecting electronic information has been to implement a variety of point solutions designed to counteract specific individual threats. Yet today's sources of electronic attack, or threat vectors, are much more varied and subtle. Businesses therefore need to employ equally more subtle and varied approaches to the protection of their business critical resources.
Security should be an integrated, ongoing process that absolutely mirrors overall business objectives. The real aim of enterprises today should be to actively reduce risk to the business; their challenge is how to accurately assess and manage business risk in the extended enterprise environment, where boundaries are not fixed, and business scope is continually evolving.
Patrick Coomans, senior identity strategist at Verizon, also raised awareness amongst the participants of the strategic business benefits of identity management solutions within the global enterprise.
The challenge of providing employees with anywhere, anytime access to sensitive data can be viewed as a balancing act. Employees now demand the convenience of mobile access with the ability to use their own personal devices within the workplace in order to be more productive. Enabling this type of freedom can be a risk unless the right identity management solutions are in place.
Verizon's 2013 Data Breach Investigations Report flagged that 76 percent of data breaches exploited weak or stolen passwords and credentials, underscoring the extent to which corporate and government networks, systems and applications are under attack by cyber criminals attempting to gain unauthorized access and steal sensitive information.
If you are interested in learning more thoughts and tips on identity protection, check out our post. Don't Let the Fraudsters Steal Your Identity.