Difference between revisions of "Template:BSW184NewsMattAlderman"
From Security Weekly Wiki
(Added By Paul's Craptastic PPWorks Code)
Line 1: | Line 1: | ||
===Articles=== | ===Articles=== | ||
+ | *[https://www.computerweekly.com/opinion/How-to-tackle-the-IAM-challenges-of-multinational-companies How to tackle the IAM challenges of multinational companies] - The rapidly changing business, regulatory and IT environment makes IAM a tough nut to crack for large multinationals. To deal with these regulations, multinational companies need a strong IAM that is flexible enough to be strong in some regions, but more relaxed in others. Here's a few recommendations: | ||
+ | ** Shift to as-a-service model | ||
+ | ** IAM as a managed service | ||
+ | ** Define your future Identity Fabric | ||
+ | *[https://medium.com/inc./how-to-prepare-for-a-difficult-conversation-you-cant-have-in-person-b4ce2c62e53e How to Prepare for a Difficult Conversation You Can’t Have in Person] - Here are four ways business owners and leaders can prepare for tough conversations with greater intention and reflection, especially when they can’t have them face to face. | ||
+ | ** Define your desired outcome. | ||
+ | ** Anticipate what will be seen and said. | ||
+ | ** Script before you speak. | ||
+ | ** Make sure to vent first. | ||
+ | *[https://www.cybertalk.org/2020/08/06/cisos-say-new-problem-solving-strategies-required/ CISOs say new problem solving strategies required] - At present, executives are solving a brand new set of problems. Stay-at-home orders and remote work have catalyzed massive organizational shifts. These include: | ||
+ | ** Transitioning infrastructure | ||
+ | ** Rethinking data privacy and storage | ||
+ | ** Reconfiguring budgets | ||
+ | ** Reshaping the internal culture around cyber security | ||
+ | *[https://www.csoonline.com/article/3569310/how-to-make-your-security-team-more-business-savvy.html#tk.rss_news How to make your security team more business savvy] - CISOs are finding ways to inject more business skills into their teams through recruitment, training and staffing strategies that broaden workers’ horizons — strategies that they say are paying off with stronger security and better aligned risk management. Here's how: | ||
+ | ** Lead by example | ||
+ | ** Create opportunities for more cross-function experiences | ||
+ | ** Hire broader-minded talent | ||
+ | ** Cultivate a business mindset in staff members | ||
+ | *[https://securityboulevard.com/2020/08/two-cisos-pay-400k-for-security-yet-one-spends-10x-more-how/ Two CISOs Pay $400k for Security, Yet One Spends 10x More. How?] - The average organization spends about $7,500 per employee on information technology, with about 5.6% of that spend earmarked for cybersecurity. At these rates, the CISO at an 1,000 employee organization has an average annual infosec budget of $400k, with around $220k spent on reactive measures and $180k spent on proactive measures. As you can tell, an “average” breach, at $4 million, is an order of magnitude more costly than the overall budget for an organization like this. So, if we consider a scenario where one CISO invests heavily in proactive measures, successfully avoiding a major breach, while another invests primarily in reactive measures, and ends up cleaning up after a major breach, CISO one ends up spending 10x less overall. | ||
+ | *[https://securityboulevard.com/2020/08/how-remote-work-is-reshuffling-your-security-priorities-and-investments/ How Remote Work is Reshuffling Your Security Priorities and Investments] - And the winners are... | ||
+ | ** Identity and access management (IAM) | ||
+ | ** Endpoint detection and response (EDR) | ||
+ | ** Cloud security | ||
+ | ** Mobile device management | ||
+ | ** Data leakage prevention (DLP) | ||
+ | *[https://www.darkreading.com/edge/theedge/security-jobs-with-a-future----and-ones-on-the-way-out/b/d-id/1338652?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple Security Jobs With a Future -- And Ones on the Way Out] - Some titles are hot, while others are not, amid rapidly shifting business priorities. Here's the list... | ||
+ | ** HOT | ||
+ | *** Data Scientist/Security Analyst | ||
+ | *** The DevSecOps Security Engineer | ||
+ | *** Security Architect | ||
+ | *** Cloud Roles | ||
+ | *** Governance and Compliance Roles | ||
+ | ** NOT NOT | ||
+ | *** Security Operations Center Analyst | ||
+ | *** Traditional Security Engineer | ||
+ | *** Hardware Engineer | ||
+ | *** Data Center Security Manager |
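Review bot: The second sub-heading under "Security Jobs With a Future" reads `** NOT NOT`, which looks like a duplicated word. The entry's own summary pairs "hot" with "not", so `** NOT` is probably what was meant. In the "Two CISOs Pay $400k" entry, "an 1,000 employee organization" should read "a 1,000-employee organization". The csoonline.com and darkreading.com links also carry RSS tracking suffixes (`#tk.rss_news`, `?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple`) that can be dropped from the URLs.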
Revision as of 19:39, 14 August 2020
Articles
- How to tackle the IAM challenges of multinational companies - The rapidly changing business, regulatory and IT environment makes IAM a tough nut to crack for large multinationals. To deal with these regulations, multinational companies need a strong IAM that is flexible enough to be strong in some regions, but more relaxed in others. Here's a few recommendations:
  - Shift to as-a-service model
  - IAM as a managed service
  - Define your future Identity Fabric
- How to Prepare for a Difficult Conversation You Can’t Have in Person - Here are four ways business owners and leaders can prepare for tough conversations with greater intention and reflection, especially when they can’t have them face to face.
  - Define your desired outcome.
  - Anticipate what will be seen and said.
  - Script before you speak.
  - Make sure to vent first.
- CISOs say new problem solving strategies required - At present, executives are solving a brand new set of problems. Stay-at-home orders and remote work have catalyzed massive organizational shifts. These include:
  - Transitioning infrastructure
  - Rethinking data privacy and storage
  - Reconfiguring budgets
  - Reshaping the internal culture around cyber security
- How to make your security team more business savvy - CISOs are finding ways to inject more business skills into their teams through recruitment, training and staffing strategies that broaden workers’ horizons — strategies that they say are paying off with stronger security and better aligned risk management. Here's how:
  - Lead by example
  - Create opportunities for more cross-function experiences
  - Hire broader-minded talent
  - Cultivate a business mindset in staff members
- Two CISOs Pay $400k for Security, Yet One Spends 10x More. How? - The average organization spends about $7,500 per employee on information technology, with about 5.6% of that spend earmarked for cybersecurity. At these rates, the CISO at a 1,000-employee organization has an average annual infosec budget of $400k, with around $220k spent on reactive measures and $180k spent on proactive measures. As you can tell, an “average” breach, at $4 million, is an order of magnitude more costly than the overall budget for an organization like this. So, if we consider a scenario where one CISO invests heavily in proactive measures, successfully avoiding a major breach, while another invests primarily in reactive measures, and ends up cleaning up after a major breach, CISO one ends up spending 10x less overall.
- How Remote Work is Reshuffling Your Security Priorities and Investments - And the winners are...
  - Identity and access management (IAM)
  - Endpoint detection and response (EDR)
  - Cloud security
  - Mobile device management
  - Data leakage prevention (DLP)
- Security Jobs With a Future -- And Ones on the Way Out - Some titles are hot, while others are not, amid rapidly shifting business priorities. Here's the list...
  - HOT
    - Data Scientist/Security Analyst
    - The DevSecOps Security Engineer
    - Security Architect
    - Cloud Roles
    - Governance and Compliance Roles
  - NOT
    - Security Operations Center Analyst
    - Traditional Security Engineer
    - Hardware Engineer
    - Data Center Security Manager