OK, I admit it.
Until EMC acquired RSA, I attempted to stay far away from security-related discussions. Usually, these involved very hard questions with very few good answers. Or so I thought.
Now that I've been orbiting around RSA and their world of security professionals for several years, my perspective has changed dramatically. It's an increasingly important topic to both us as IT professionals, and us as consumers.
The questions are getting harder, but the answers are getting much better.
And, most often, the people who focus on security are perhaps the most under-appreciated group within the technology realm.
I mean, really, how many of us welcome a visit from our security people? My impression is that it's right up there with a visit from HR, legal or the finance auditors.
And that needs to change ...
Closing The CISO / CEO Gap
EMC has a world-class IT security organization. But it took me a while to realize this.
My first interactions were along the lines of "who are these guys, and why are they preventing me from doing what I want to do?". I then started to learn exactly who these guys were, and exactly why they were preventing me from putting myself -- and my company -- at risk.
I was impressed. But -- you have to ask yourself -- how often does this story repeat itself?
The first gem that crossed my radar was this excellent piece from RSA that documented the growing gap between the CEO (or other senior leadership) and the CISO (or other people who are responsible for IT security).
Take it from me, you don't want to be part of any function that has a "growing gap" between your function and the leadership of the organization :-)
The best part is that very pragmatic advice was offered with concrete steps that needed to be taken to close that gap.
The advice goes far beyond CISO and security professionals. It's good advice for any IT leader, or -- as a matter of fact -- any corporate function that's not getting the attention it deserves.
Note the mention of the "Security For Business Innovation Council". I know, that might sound like an oxymoron to some of you, but it's quite serious -- there are many industry leaders that believe advanced security technologies and associated governance models can be a source of innovation, as well as a competitive differentiator.
A worldview that EMC agrees with :-)
Proving Your Security
My education in the IT security world went something like this.
101 -- Secure against all known threats
201 -- Secure against all unknown threats
301 -- Balance security measures against cost and risk
401 -- Do all of the above without getting in the way of doing business
501 -- You don't get any credit for stuff you can't prove
601 -- It's all about passing the audit, and getting back to work
All cynicism aside, you'd be surprised how many people respond to the "601" level discussion. This is true both in the enterprise world as well as the service provider world.
Which brings me to my second gem ... a nice "momentum release" on the enVision SIEM (security information and event management) platform.
For those of you not familiar with this category of solution, the concept is pretty simple. Lots of stuff generates security events and log information. SIEM platforms gather all this stuff and analyze it.
First approximation -- great way to improve security by correlating security events in near real time.
Second approximation -- many hundreds of pre-built audit and compliance template reports that can be automatically generated when the auditors show up.
Any guess as to why customers really like this product?
This Friday, perhaps you'll take a moment and go find someone in your security organization, and tell them "thank you for what you do".
It usually is a thankless yet important role.
