"Security is used to be seen as black or white. You are either breached or not breached; you are either secure or not secure. But now, I think we are starting to see security for what it is - it is a constant continuum between these two things," Hugh Thompson, Chief Security Strategist and Senior Vice President of Blue Coat Systems Inc., told members of the media in a roundtable discussion on July 22, 2014.
Held in Singapore in conjunction with the recent RSA Conference Asia Pacific and Japan 2014, Thompson commented that a lot has happened within the security space in recent years; making information security a prominent conversational topic - especially in the corporate setting - as he sees more executives asking more questions about security responsibility and security governance.
Shift in security thinking
Thompson feels that this increased security vigilance is triggered by the spate of data breaches taking place over the last couple of years. Besides data breaches, he noted that there is also a notable increase in hacktivism. Describing hacktivists as "people who see hacking as a means of expression; or as a means of making a statement against political parties or country", he added that the emergence of hacktivism has led to the rise of nation-state attacks.
"While defense is critical, I think that the area of security that is becoming more and more important is the ability to recover after an attack. It's something new in the mindset and ethos of security," he said.
Fellow host of the roundtable discussion, Brian Contos, Blue Coat's VP Threat Intelligence and Security Strategy, added that one trend he's seeing is an increased alignment between technology and business.
"From 2010 to 2014, we witness a shift as business security focuses on operational efficiency. More organisations started having endpoint controls, and network and data and mobile cloud," Contos elaborated.
He went on to cite an example of Thomas Edison's genius innovation of a light bulb: "The light bulb is a great idea, but that by itself does not yield anything. When John Pierpoint (J.P.) Morgan invested in him, it resulted in billions of dollars in sales. That's because they recognised the importance of alignment between technology and business."
"Security needs to be aligned with key business decision-making. Important business decisions should factor in the security element and attempt to reduce risk, while allowing the company to grow the business and drive revenue at the same time. That's a fundamental shift in security thinking," he added.
Unique security trends in Asia
In terms of the security landscape in the Asia Pacific region, Contos noted two prevalent trends. Firstly, he highlighted that mobile security is a key concern.
Sign up for CIO Asia eNewsletters.