cioinsight.com
Home > RSS Feeds > Security
  • What you need to know is that the recent breach of Sony Pictures Entertainment should—in fact, it must—change everything you previously assumed about security.

  • At the heart of operating a business and managing IT systems is the critical balance between performance and security. Despite the introduction of increasingly sophisticated tools and technologies designed to ratchet up results in both areas, CIOs, CISOs, and other IT and business managers face growing and often daunting challenges. According to a recently released report from McAfee, "Network Performance and Security," the stakes have never been higher for enterprises looking to protect digital assets. However, the majority of respondents consistently opt for performance over protection. What's more, there's often a belief that enabling security protections such as firewalls adversely affects network performance. As a result, some organizations go so far as to disable key features and leave others turned off. "Unfortunately, turning off important firewall features because of network performance concerns has become a common practice," says Pat Calhoun, general manager of Network Security at McAfee, part of Intel Security. Here are some of the key findings from the report.

  • The bring-your-own-device (BYOD) movement has radically transformed the enterprise and has helped organizations achieve productivity and cost gains that were previously unimaginable. It also has led to happier,more engaged employees. But there's a downside to these gains. One of the most troubling issues is a rapid uptick in mobile security breaches. According to British telecom firm BT, 98 percent of U.S. firms allow employees to use personal mobile devices for work. However, organizations struggle to manage mobile devices, develop effective policies and controls, and create a secure environment that works for both the business and the employees. A recent survey, which was conducted by BT in conjunction with market research firm Vanson Bourne (with 640 interviews from managers at large global organizations), explored the uptake in adoption of BYOD and corporate-owned-personally-enabled (COPE) devices. It identified a number of key areas that CIOs and other business and IT executives must deal with, including executive and staff attitudes and security protocols.

  • Over the last few years, cyber-security has emerged as a huge challenge. IT and security executives have been forced to cope with a growing array of threats originating from both inside and outside the enterprise. A recently released report from Ernst and Young, "Global Information Security Survey 2014," points out that while organizations are making progress and building a foundation for better protection, many remain unprepared for the level of risk in today's computing environment. Among other things, the survey, which canvassed 1,825 organizations, concludes that business and government must do a better job of anticipating attacks in a world where it is no longer possible to prevent all cyber-breaches—and when threats emanate from ever more resourceful and well-funded sources. According to Paul van Kessel, EY's global risk leader: "Organizations will only develop a risk strategy of the future if they understand how to anticipate cyber-crime. Cyber-attacks have the potential to be far-reaching—not only financially, but also in terms of brand and reputation damage, the loss of competitive advantage and regulatory non-compliance. Organizations must undertake a journey from a reactive to a proactive posture, transforming themselves from easy targets for cyber-criminals into more formidable adversaries."

  • Given the complexity of data in various mobile devices, clouds and social media, many nontraditional sources must be examined during a forensic investigation.

  • Trying to keep the bad guys out of your corporate network isn't even the primary goal any more. Instead, it's preventing them from getting what they really want.