BT

Your opinion matters! Please fill in the InfoQ Survey!

Bill Veghte on Securing the Enterprise in a Changing World

| by Srini Penchikala Follow 15 Followers on Feb 18, 2011. Estimated reading time: 1 minute |

A note to our readers: As per your request we have developed a set of features that allow you to reduce the noise, while not losing sight of anything that is important. Get email and web notifications by choosing the topics you are interested in.

Bill Veghte from HP said that organizations need to adopt a new model for securing critical corporate infrastructure assets and information to support the modern business. He gave a keynote presentation at the RSA 2011 Conference on Wednesday on securing the enterprise in a changing world. He said IT is tied more closely to the business than ever and the new digital business model requires a new approach for managing the security.

Each shift in the IT industry - from mainframes to client/server to web and now with the cloud, virtual and mobile platforms - has brought more information to the user but it also brought more security challenges. Risk assessment and management is the key in responding to this shift and the new technologies. The security posture for today is that there are more threats but less visibility, more data but less prioritization, and more impact but less response.

Bill suggested that the security approach should include visualizing the vulnerabilities, incidents and compliance risks. The organizations have to move from a layer specific security model to a holistic one which includes business processes, users and systems as part of the overall security response model. We should also create a security intelligence strategy that includes process centric risk management. The security integration process should include collecting the data set related to security incidents and vulnerabilities and providing the right analysis to bring context to the security vulnerabilities. He said the new security approach should include metrics like Risk Level Agreements (RLAs) similar to the IT metrics we have today for Service Level Agreements (SLAs). Tools like HP IT Management Portfolio can be used to unify the security layers for complete visibility.

He concluded the discussion by saying there will be massive changes happening in the future driven by the cloud, virtual and mobile architectures. The balance of power is shifting to the users and the security model must evolve to respond to this shift.

In another keynote session, Michael Denning from CA Technologies hosted a panel discussion about the secure collaboration effort being undertaken by Transglobal Secure Collaboration Platform (TSCP) program, a 23-member organization, and how government departments and agencies like Aerospace and Defense are securely collaborating on projects.

 

Rate this Article

Adoption Stage
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss

Login to InfoQ to interact with what matters most to you.


Recover your password...

Follow

Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.

Like

More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.

Notifications

Stay up-to-date

Set up your notifications and don't miss out on content that matters to you

BT