Difference between revisions of "Template:BSW184NewsMattAlderman"

From Security Weekly Wiki
(Added By Paul's Craptastic PPWorks Code)
 
Line 1: Line 1:
 
===Articles===
 
===Articles===
 +
*[https://www.computerweekly.com/opinion/How-to-tackle-the-IAM-challenges-of-multinational-companies How to tackle the IAM challenges of multinational companies] - The rapidly changing business, regulatory and IT environment makes IAM a tough nut to crack for large multinationals.  To deal with these regulations, multinational companies need a strong IAM that is flexible enough to be strong in some regions, but more relaxed in others.  Here's a few recommendations:
 +
** Shift to as-a-service model
 +
** IAM as a managed service
 +
** Define your future Identity Fabric
 +
*[https://medium.com/inc./how-to-prepare-for-a-difficult-conversation-you-cant-have-in-person-b4ce2c62e53e How to Prepare for a Difficult Conversation You Can’t Have in Person] - Here are four ways business owners and leaders can prepare for tough conversations with greater intention and reflection, especially when they can’t have them face to face.
 +
** Define your desired outcome.
 +
** Anticipate what will be seen and said.
 +
** Script before you speak.
 +
** Make sure to vent first.
 +
*[https://www.cybertalk.org/2020/08/06/cisos-say-new-problem-solving-strategies-required/ CISOs say new problem solving strategies required] - At present, executives are solving a brand new set of problems. Stay-at-home orders and remote work have catalyzed massive organizational shifts. These include:
 +
** Transitioning infrastructure
 +
** Rethinking data privacy and storage
 +
** Reconfiguring budgets
 +
** Reshaping the internal culture around cyber security
 +
*[https://www.csoonline.com/article/3569310/how-to-make-your-security-team-more-business-savvy.html#tk.rss_news How to make your security team more business savvy] - CISOs are finding ways to inject more business skills into their teams through recruitment, training and staffing strategies that broaden workers’ horizons — strategies that they say are paying off with stronger security and better aligned risk management.  Here's how:
 +
** Lead by example
 +
** Create opportunities for more cross-function experiences
 +
** Hire broader-minded talent
 +
** Cultivate a business mindset in staff members
 +
*[https://securityboulevard.com/2020/08/two-cisos-pay-400k-for-security-yet-one-spends-10x-more-how/ Two CISOs Pay $400k for Security, Yet One Spends 10x More. How?] - The average organization spends about $7,500 per employee on information technology, with about 5.6% of that spend earmarked for cybersecurity. At these rates, the CISO at an 1,000 employee organization has an average annual infosec budget of $400k, with around $220k spent on reactive measures and $180k spent on proactive measures. As you can tell, an “average” breach, at $4 million, is an order of magnitude more costly than the overall budget for an organization like this.  So, if we consider a scenario where one CISO invests heavily in proactive measures, successfully avoiding a major breach, while another invests primarily in reactive measures, and ends up cleaning up after a major breach, CISO one ends up spending 10x less overall.
 +
*[https://securityboulevard.com/2020/08/how-remote-work-is-reshuffling-your-security-priorities-and-investments/ How Remote Work is Reshuffling Your Security Priorities and Investments] - And the winners are...
 +
** Identity and access management (IAM)
 +
** Endpoint detection and response (EDR)
 +
** Cloud security
 +
** Mobile device management
 +
** Data leakage prevention (DLP)
 +
*[https://www.darkreading.com/edge/theedge/security-jobs-with-a-future----and-ones-on-the-way-out/b/d-id/1338652?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple Security Jobs With a Future -- And Ones on the Way Out] - Some titles are hot, while others are not, amid rapidly shifting business priorities.  Here's the list...
 +
** HOT
 +
*** Data Scientist/Security Analyst
 +
*** The DevSecOps Security Engineer
 +
*** Security Architect
 +
*** Cloud Roles
 +
*** Governance and Compliance Roles
 +
** NOT NOT
 +
*** Security Operations Center Analyst
 +
*** Traditional Security Engineer
 +
*** Hardware Engineer
 +
*** Data Center Security Manager
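Review bot: the second group heading in the added jobs list reads "** NOT NOT"; the doubled word looks like a typo for "** NOT", the counterpart of "** HOT" above it. Two smaller wording points in the same addition: "an 1,000 employee organization" in the budget item should read "a 1,000-employee organization", and "Here's a few recommendations" in the first item should be "Here are a few recommendations".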

Revision as of 19:39, 14 August 2020

Articles

  • How to tackle the IAM challenges of multinational companies - The rapidly changing business, regulatory and IT environment makes IAM a tough nut to crack for large multinationals. To deal with these regulations, multinational companies need a strong IAM that is flexible enough to be strong in some regions, but more relaxed in others. Here are a few recommendations:
    • Shift to as-a-service model
    • IAM as a managed service
    • Define your future Identity Fabric
  • How to Prepare for a Difficult Conversation You Can’t Have in Person - Here are four ways business owners and leaders can prepare for tough conversations with greater intention and reflection, especially when they can’t have them face to face.
    • Define your desired outcome.
    • Anticipate what will be seen and said.
    • Script before you speak.
    • Make sure to vent first.
  • CISOs say new problem solving strategies required - At present, executives are solving a brand new set of problems. Stay-at-home orders and remote work have catalyzed massive organizational shifts. These include:
    • Transitioning infrastructure
    • Rethinking data privacy and storage
    • Reconfiguring budgets
    • Reshaping the internal culture around cyber security
  • How to make your security team more business savvy - CISOs are finding ways to inject more business skills into their teams through recruitment, training and staffing strategies that broaden workers’ horizons — strategies that they say are paying off with stronger security and better aligned risk management. Here's how:
    • Lead by example
    • Create opportunities for more cross-function experiences
    • Hire broader-minded talent
    • Cultivate a business mindset in staff members
  • Two CISOs Pay $400k for Security, Yet One Spends 10x More. How? - The average organization spends about $7,500 per employee on information technology, with about 5.6% of that spend earmarked for cybersecurity. At these rates, the CISO at a 1,000-employee organization has an average annual infosec budget of $400k, with around $220k spent on reactive measures and $180k spent on proactive measures. As you can tell, an “average” breach, at $4 million, is an order of magnitude more costly than the overall budget for an organization like this. So, if we consider a scenario where one CISO invests heavily in proactive measures, successfully avoiding a major breach, while another invests primarily in reactive measures, and ends up cleaning up after a major breach, CISO one ends up spending 10x less overall.
  • How Remote Work is Reshuffling Your Security Priorities and Investments - And the winners are...
    • Identity and access management (IAM)
    • Endpoint detection and response (EDR)
    • Cloud security
    • Mobile device management
    • Data leakage prevention (DLP)
  • Security Jobs With a Future -- And Ones on the Way Out - Some titles are hot, while others are not, amid rapidly shifting business priorities. Here's the list...
    • HOT
      • Data Scientist/Security Analyst
      • The DevSecOps Security Engineer
      • Security Architect
      • Cloud Roles
      • Governance and Compliance Roles
    • NOT
      • Security Operations Center Analyst
      • Traditional Security Engineer
      • Hardware Engineer
      • Data Center Security Manager