BT

Bill Veghte on Securing the Enterprise in a Changing World

by Srini Penchikala on Feb 18, 2011 |

Bill Veghte from HP said that organizations need to adopt a new model for securing critical corporate infrastructure assets and information to support the modern business. He gave a keynote presentation at the RSA 2011 Conference on Wednesday on securing the enterprise in a changing world. He said IT is tied more closely to the business than ever and the new digital business model requires a new approach for managing the security.

Each shift in the IT industry - from mainframes to client/server to web and now with the cloud, virtual and mobile platforms - has brought more information to the user but it also brought more security challenges. Risk assessment and management is the key in responding to this shift and the new technologies. The security posture for today is that there are more threats but less visibility, more data but less prioritization, and more impact but less response.

Bill suggested that the security approach should include visualizing the vulnerabilities, incidents and compliance risks. The organizations have to move from a layer specific security model to a holistic one which includes business processes, users and systems as part of the overall security response model. We should also create a security intelligence strategy that includes process centric risk management. The security integration process should include collecting the data set related to security incidents and vulnerabilities and providing the right analysis to bring context to the security vulnerabilities. He said the new security approach should include metrics like Risk Level Agreements (RLAs) similar to the IT metrics we have today for Service Level Agreements (SLAs). Tools like HP IT Management Portfolio can be used to unify the security layers for complete visibility.

He concluded the discussion by saying there will be massive changes happening in the future driven by the cloud, virtual and mobile architectures. The balance of power is shifting to the users and the security model must evolve to respond to this shift.

In another keynote session, Michael Denning from CA Technologies hosted a panel discussion about the secure collaboration effort being undertaken by Transglobal Secure Collaboration Platform (TSCP) program, a 23-member organization, and how government departments and agencies like Aerospace and Defense are securely collaborating on projects.

 

Hello stranger!

You need to Register an InfoQ account or to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss

Educational Content

General Feedback
Bugs
Advertising
Editorial
InfoQ.com and all content copyright © 2006-2013 C4Media Inc. InfoQ.com hosted at Contegix, the best ISP we've ever worked with.
Privacy policy
BT