|By David Canellos||
|February 7, 2014 08:45 AM EST||
A newly released report from McKinsey & Company, Risk and Responsibility in a Hyperconnected World: Implications for Enterprises, highlights the findings of a year's worth of McKinsey research conducted in partnership with the World Economic Forum. Based on the interviews with over 200 enterprises and organizations the findings highlight the importance of protecting online proprietary data and information and puts forth 7 ideas for how to protect the enterprise.
The report first observes that with the rise of new and novel ways to access information via mobile devices, data security risks have dramatically increased. Despite the billions of dollars spent to secure data, cybercriminals have proven themselves to be a highly adaptable, sophisticated, well-funded crew, equipped to take advantage of any weaknesses in an enterprise's security technology. Recent examples of large breaches at Target and Adobe could potentially really just be the tip of the iceberg.
As I mentioned, the research sets forth seven practices for executives tasked with battling cybercriminals; here is the list with a few observations on each:
1. Prioritize information assets based on business risks.
At PerspecSys, we've long championed this idea as an important part of any cloud security strategy. It enables a smooth, risk-based strategy for protecting the corporation and helps prioritize IT activities on the most impactful security technologies/processes. It is amazing how quickly things can happen when risks are well understood (see #6 below). Which leads directly to the next tenet...
2. Provide differentiated protection based on importance of assets.
This is especially relevant when choosing where and how enterprises select their cloud computing environment (public, private or hybrid cloud) and what obfuscation technologies to deploy (tokenization, encryption, location and ownership of keys, etc.).
3. Deeply integrate security into the technology environment to drive scalability.
This strategy helps better protect assets while staying a step ahead of both cybercriminals and competition. And as I stated in my predictions of what we'll see this year, the solutions that pull ahead in the marketplace will provide strong security, leverage existing data center investments and scale without disrupting usability of the cloud.
4. Deploy active defenses to uncover attacks proactively.
No organization can afford to wait for evidence of attacks. Technologies and processes should be in place to preemptively search out and stop any vulnerability. For example, an enterprise can proactively keep its most sensitive assets out of the cloud without adversely impacting their end user's cloud experience, by using a product such as ours.
5. Test continuously to improve incident response.
Testing is a key part of cybersecurity and we've seen with recent attacks that response matters - led by the IT department, but including all major departments. Solutions like those from Co3 Systems can help an organization be prepared if and when the time comes.
6. Enlist frontline personnel to help them understand the value of information assets.
The end users often feel the impact of cybersecurity choices the most and need to be up to speed on what is at stake with certain data assets - especially important with the rise of mobility and BYOD in the workplace.
7. Integrate cyber-resistance into enterprise-wide risk-management and governance processes.
Cybersecurity is clearly not just an IT department issue, but a decision and process that should involve multiple teams within the enterprise.
There was some disagreement in the survey about the issue of cybersecurity regulations and there was also some division by industry (which makes sense given the disparity in regulations already in place by industry sector). We believe regulation will continue to grow and be increasingly complex, making full awareness and compliance with any and all applicable industry regulations a must by security solution providers - whether PCI DSS, HIPAA or others.
Finally, we agree that this is a C-Suite and boardroom issue - the viability of institutions depend on proactively removing enterprise risk and threat.
I strongly recommend you download and read the full report. I look forward to future updates from McKinsey and the World Economic Forum.
PerspecSys Inc. is a leading provider of cloud protection and cloud encryption solutions that enable mission-critical cloud applications to be adopted throughout the enterprise. Cloud security companies like PerspecSys remove the technical, legal and financial risks of placing sensitive company data in the cloud. PerspecSys accomplishes this for many large, heavily regulated companies across the world by never allowing sensitive data to leave a customer's network, while maintaining the functionality of cloud applications. For more information please visit www.perspecsys.com or follow on Twitter @perspecsys
"We've just seen a huge influx of new partners coming into our ecosystem, and partners building unique offerings on top of our API set," explained Seth Bostock, Chief Executive Officer at IndependenceIT, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Aug. 2, 2015 10:00 PM EDT Reads: 676
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Aug. 2, 2015 05:45 PM EDT Reads: 505
With SaaS use rampant across organizations, how can IT departments track company data and maintain security? More and more departments are commissioning their own solutions and bypassing IT. A cloud environment is amorphous and powerful, allowing you to set up solutions for all of your user needs: document sharing and collaboration, mobile access, e-mail, even industry-specific applications. In his session at 16th Cloud Expo, Shawn Mills, President and a founder of Green House Data, discussed h...
Aug. 2, 2015 11:45 AM EDT Reads: 479
For IoT to grow as quickly as analyst firms’ project, a lot is going to fall on developers to quickly bring applications to market. But the lack of a standard development platform threatens to slow growth and make application development more time consuming and costly, much like we’ve seen in the mobile space. In his session at @ThingsExpo, Mike Weiner, Product Manager of the Omega DevCloud with KORE Telematics Inc., discussed the evolving requirements for developers as IoT matures and conducte...
Aug. 2, 2015 11:15 AM EDT Reads: 354
There are many considerations when moving applications from on-premise to cloud. It is critical to understand the benefits and also challenges of this migration. A successful migration will result in lower Total Cost of Ownership, yet offer the same or higher level of robustness. In his session at 15th Cloud Expo, Michael Meiner, an Engineering Director at Oracle, Corporation, analyzed a range of cloud offerings (IaaS, PaaS, SaaS) and discussed the benefits/challenges of migrating to each offe...
Aug. 2, 2015 11:00 AM EDT Reads: 172
One of the hottest areas in cloud right now is DRaaS and related offerings. In his session at 16th Cloud Expo, Dale Levesque, Disaster Recovery Product Manager with Windstream's Cloud and Data Center Marketing team, will discuss the benefits of the cloud model, which far outweigh the traditional approach, and how enterprises need to ensure that their needs are properly being met.
Aug. 2, 2015 09:00 AM EDT Reads: 1,698
Malicious agents are moving faster than the speed of business. Even more worrisome, most companies are relying on legacy approaches to security that are no longer capable of meeting current threats. In the modern cloud, threat diversity is rapidly expanding, necessitating more sophisticated security protocols than those used in the past or in desktop environments. Yet companies are falling for cloud security myths that were truths at one time but have evolved out of existence.
Jul. 30, 2015 06:00 PM EDT Reads: 1,825
[slides] Workloads and Public Cloud at @CloudExpo By @utollwi | @ProfitBricksUSA #DevOps #Containers #Microservices
Public Cloud IaaS started its life in the developer and startup communities and has grown rapidly to a $20B+ industry, but it still pales in comparison to how much is spent worldwide on IT: $3.6 trillion. In fact, there are 8.6 million data centers worldwide, the reality is many small and medium sized business have server closets and colocation footprints filled with servers and storage gear. While on-premise environment virtualization may have peaked at 75%, the Public Cloud has lagged in adop...
Jul. 30, 2015 04:00 PM EDT Reads: 2,234
The Cloud industry has moved from being more than just being able to provide infrastructure and management services on the Cloud. Enter a new era of Cloud computing where monetization’s services through the Cloud are an essential piece of strategy to feed your organizations bottom-line, your revenue and Profitability. In their session at 16th Cloud Expo, Ermanno Bonifazi, CEO & Founder of Solgenia, and Ian Khan, Global Strategic Positioning & Brand Manager at Solgenia, discussed how to easily o...
Jul. 30, 2015 01:45 PM EDT Reads: 402
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Opening Keynote at 16th Cloud Expo, S...
Jul. 30, 2015 12:00 PM EDT Reads: 2,077
In his keynote at 16th Cloud Expo, Rodney Rogers, CEO of Virtustream, discussed the evolution of the company from inception to its recent acquisition by EMC – including personal insights, lessons learned (and some WTF moments) along the way. Learn how Virtustream’s unique approach of combining the economics and elasticity of the consumer cloud model with proper performance, application automation and security into a platform became a breakout success with enterprise customers and a natural fit f...
Jul. 30, 2015 09:00 AM EDT Reads: 2,173
"We have been in business for 21 years and have been building many enterprise solutions, all IT plumbing - server, storage, interconnects," stated Alex Gorbachev, President of Intelligent Systems Services, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 30, 2015 08:30 AM EDT Reads: 1,061
The essence of cloud computing is that all consumable IT resources are delivered as services. In his session at 15th Cloud Expo, Yung Chou, Technology Evangelist at Microsoft, demonstrated the concepts and implementations of two important cloud computing deliveries: Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). He discussed from business and technical viewpoints what exactly they are, why we care, how they are different and in what ways, and the strategies for IT to tran...
Jul. 29, 2015 03:15 PM EDT Reads: 421
Discussions about cloud computing are evolving into discussions about enterprise IT in general. As enterprises increasingly migrate toward their own unique clouds, new issues such as the use of containers and microservices emerge to keep things interesting. In this Power Panel at 16th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the state of cloud computing today, and what enterprise IT professionals need to know about how the latest topics and trends affect t...
Jul. 29, 2015 02:00 PM EDT Reads: 1,205
"Our biggest growth area has been the security services, the managed services - the things that differentiate us in the market that there is no client that's too small and there's no client that's too big," explained Paul Mazzucco, Chief Security Officer at TierPoint, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 29, 2015 02:00 PM EDT Reads: 440
"We do data integration for B2B also application to application, and we do data management and enable Big Data," explained Pat Adamiak, Vice President, Product Marketing at Liaison Technologies, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Jul. 29, 2015 12:00 PM EDT Reads: 364
[slides] From Industry to Society By @JMondanaro | @ThingsExpo @MetraTech @Ericsson #IoT #M2M #InternetOfThings
It is one thing to build single industrial IoT applications, but what will it take to build the Smart Cities and truly society-changing applications of the future? The technology won’t be the problem, it will be the number of parties that need to work together and be aligned in their motivation to succeed. In his session at @ThingsExpo, Jason Mondanaro, Director, Product Management at Metanga, discussed how you can plan to cooperate, partner, and form lasting all-star teams to change the world...
Jul. 28, 2015 04:30 PM EDT Reads: 1,776
SYS-CON Events announced today that Agema Systems will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Agema Systems is the leading provider of critical white-box rack solutions to data centers through the major integrators and value added distribution channels.
Jul. 28, 2015 11:25 AM EDT Reads: 173
Converging digital disruptions is creating a major sea change - Cisco calls this the Internet of Everything (IoE). IoE is the network connection of People, Process, Data and Things, fueled by Cloud, Mobile, Social, Analytics and Security, and it represents a $19Trillion value-at-stake over the next 10 years. In her keynote at @ThingsExpo, Manjula Talreja, VP of Cisco Consulting Services, discussed IoE and the enormous opportunities it provides to public and private firms alike. She will share w...
Jul. 28, 2015 11:00 AM EDT Reads: 2,049
In the midst of the widespread popularity and adoption of cloud computing, it seems like everything is being offered “as a Service” these days: Infrastructure? Check. Platform? You bet. Software? Absolutely. Toaster? It’s only a matter of time. With service providers positioning vastly differing offerings under a generic “cloud” umbrella, it’s all too easy to get confused about what’s actually being offered. In his session at 16th Cloud Expo, Kevin Hazard, Director of Digital Content for SoftL...
Jul. 27, 2015 01:00 PM EDT Reads: 1,644