Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Adopt a data-centric approach to security: Heidi Shey, Forrester

Yogesh Gupta | June 29, 2016
CISOs should evaluate their security maturity and develop a roadmap to reach the next level of maturity says Heidi Shey, Senior Analyst serving Security & Risk Professionals, Forrester.

S&R pros worry about customer concerns over privacy, but this worry varies in intensity depending on the country and the existing regulatory, business, and customer climate, says Heidi Shey, Senior Analyst serving Security & Risk Professionals, Forrester.

How will 2016 define the future of Security?

Customer expectations and concerns about security and privacy will help to drive further investment and change than regulation. How companies handle and protect sensitive data will be an important component of their brand and overall reputation. Data protection is now a corporate social responsibility.

In a Forrester report 'Predictions 2016: Cybersecurity Swings To Prevention' which applies globally indicates that S&R pros (security and risk professionals) will increase spending on prevention by 5-10%. This is a signal that firms will return to a focus on the basics for cybersecurity, and consider prevention as important as detection and response. 

S&R pros worry about customer concerns over privacy, but this worry varies in intensity depending on the country and the existing regulatory, business, and customer climate.

Forrester's Global Business Technographics Security Survey, 2015 with 121 to 1,062 global security decision-makers (20+ employee companies) rated their concern for each source of information risk and the potential impact on their organization. India ranked highest with 76% followed by China at 74%. The number for US was 48% and France was at 42%.

In the European Union (EU), where data protection regulation is the high-water mark for the rest of the world, a lower - yet still sizable - percentage of security decision-makers express concern. However, there is a silver lining to this concern and awareness: A growing number see a business opportunity and view privacy as a competitive advantage for their business. This rings true especially in countries like India, where 45% of security decision-makers share this sentiment, compared with 22% in the US

What about new age technologies like APT / next gen firewall / DLP? Are they for real?

They are for real. APTs are a real threat globally. Next gen firewalls are one technology of many that security professionals have to choose from regardless of region; ultimately we have to remember that it's not just about accumulating the latest and greatest tools and technologies, it's about your higher level security strategy and acquiring the appropriate tools to execute on that strategy. It's how you use the tools.

Next gen firewalls are one of three innovations that help companies execute on the Zero Trust model of information security. The development and adoption of Virtual network infrastructure (VNI) has accelerated the adoption of Zero Trust networking tremendously. And third being Network orchestration solutions. The desire for agile network programmability powered by centralized management is key to 21st-century networking. It's also key to security.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.