By having a logical framework for understanding cyber security, and the major domains it represents, enterprises can implement their cyber strategies and develop specific plans tailored for each domain. The challenge is far broader than simply addressing one issue such as securing mobile devices or securing cloud computing environments. It is about developing a comprehensive mission critical strategy and logical framework to address all of these inter-related trends.
In today’s business environment, disruptive technologies such as cloud computing, social computing, and next-generation mobile computing are fundamentally changing how organizations utilize information technology for sharing information and conducting commerce online.
This wave of technology innovation bas been driven by consumer trends, which are being rapidly adopted across the enterprise. It has created unparalleled levels of access and connectivity across people, information, systems, and assets worldwide. It has transformed today’s network-delivered society.
In the cyber security arena, users are faced with the:
- increasing sophistication, frequency, and scale of cyber-crime as a rapid result of this open and network-oriented society;
- recent explosion in the use of “edge” devices and cloud-based applications; and
- increasing regulatory and compliance requirements.
These challenges have created an urgent need for organizations to rapidly advance their security counter-measures and re-think traditional approaches.
On a more global level, many countries have elevated cyber security to a top-tier priority within their national security strategies.
Some of the major cyber security business drivers impacting the enterprise include:
- increasing sophistication, frequency, and scale of cyber-crime
- malicious and inadvertent leakage of sensitive data
- increasing regulatory environment
- vulnerabilities introduced by the rise of cloud computing, mobile devices, and Web 2.0 applications in use within the enterprise.
Each of these business drivers creates unique challenges for CIOs and Chief Information Security Officers (CISOs) within both the public and private sectors. While these are not the only drivers, they are of a magnitude that is requiring serious attention in order to compete in the cyber security “arms-race” by managing risk and protecting mission critical assets.
To stay ahead of escalating risk levels and efficiently managing costs, business leaders need to rethink their cyber security postures. This needs be to realized in the context of a broader risk management strategy. Organizations require a new strategic framework that addresses these numerous disruptive trends across the IT landscape.
Enterprises can implement their cyber strategies and develop specific plans tailored for each domain and exposure area in a holistic manner. Key focus areas should include:
- risk and compliance
- users (identity assurance regardless of location or device type)
- data (sensitive data protection no matter where it resides)
- applications (application security modernization)
- infrastructure (securing the “borderless” enterprise including cloud computing)
- assets (cyber supply chain)
The challenge is far broader than simply addressing one issue such as securing mobile devices or securing cloud computing environments. A cyber security strategy addresses all of these inter-related trends, so business leaders can be confident of a defense-in-depth approach.