Security & Risk
Follow the money but that isn't enough
If the RSA Conference was any indicator, threat intelligence has finally joined the ranks of cloud and advanced persistent threat as ambiguous/overused terms that mean many different things to many different people.
June 26, 2015 12:34:00 AM Read Full Post
With great convenience comes great responsibility...
Underestimating or neglecting the necessary security practices that a cloud requires can lead to hacks, breaches, and horrendous data leaks.
June 23, 2015 11:52:00 AM Read Full Post
US struggles to balance privacy and state surveillance
Since the bulk collection of telephone metadata began, the NSA has been keeping those records in a vast database and maintaining and querying that data for 5 years before being required to purge it. Now that the data will be back in the hands of the telecom companies, the Federal Communications Commission’s regulations will determine the retention of the metadata. What will it mean?
June 05, 2015 10:51:00 AM Read Full Post
Identity and Access Management remain a massive headache for IT security professionals
When I first became research director of Forrester's S&R team more than five years ago, I was amazed to discover that 30% to 35% of the thousands of client questions the team fielded each year were related to Identity and Access Management(IAM).
May 20, 2015 4:57:00 AM Read Full Post
Hunting for practical solutions amidst a tech fashion parade
Forrester’s Security and Risk team will have a lot of analysts out once again for this year’s RSA Conference. After all these years (12 for me!) we have to balance our excitement to see old friends and colleagues with our cynicism that says it will be a week of empty buzzwords just slightly updated from those we heard last year.
April 17, 2015 10:37:00 AM Read Full Post
Reputational risk is growing and IT security and risk professionals need to understand it
Risk professionals aren’t prepared for the age of the customer. Empowered consumers and changing market dynamics are upending longstanding business models and lines of operation, but risk professionals largely stand pat, and continue to neglect risks related to their organizations’ most critical asset – company reputation.
April 13, 2015 9:45:00 AM Read Full Post
Cloud Will Transform Managed Security Services
The movement to cloud is fast changing the method companies will deploy and consume security services. The number one issue that drives the adoption of managed security services (MSS) and the business of managed security service providers (MSSPs) is complexity reduction.
February 17, 2015 10:03:00 AM Read Full Post
IoT and wearable tech are all the rage at CES but there is an elephant in the room
The CES Expo has a number of specific areas of coverage including fitness and health, wearables, connected home, family safety, and some young innovative companies located in the startup area of the section.
January 08, 2015 10:28:00 AM Read Full Post
Beware executives bearing gifts...
If you’re a security and risk leader, it’s either the best of times or the worst of times. Today, it feels as if not a week goes by without yet another revelation of a large scale cyberattack targeting a trusted corporate brand.
December 02, 2014 9:15:00 AM Read Full Post
Are you in tune with your customers' attitudes?
We are in a golden age of data breaches - just this week, the United States Post Office was the latest casualty - and consumer attitudes about data security and privacy are evolving accordingly. If your data security and privacy programs exist just to ensure you meet compliance, you’re going to be in trouble.
November 13, 2014 9:52:00 AM Read Full Post