InfoSec: Cybersecurity expert says preparation key to business survival

Howard Schmidt, (ISC)2 security strategist; former cybersecurity adviser to the White House
The world is more interconnected than ever before, with an estimated one billion devices connected to the internet, and in the next three to five years, that figure will double.

This not only presents challenges to the security professionals charged with guarding corporate networks against attacks, but also gives them opportunities to make a difference in their enterprises.

This was the groundwork laid out by noted security expert Howard Schmidt in his keynote address to start off the CISO Executive Summit last week in Orlando, Fla., a daylong series of presentations and panels preceding InfoSec World.

“Technology has been great for us,” the (ISC)2 security strategist and former White House cybersecurity adviser told the approximately 50 IT executives at the meeting. “But what could someone do against it? What's coming next? We don't know. If we knew we could do a better job preparing.”

One priority he pointed out was to stop bugs in software and firmware: “We've got the tools now to find vulnerabilities,” he said.

Advising the audience on how best to make a difference in today's environment, he said that data is gold.

“Pull people around the table who own the data,” he said. The message that must be conveyed: “This is not the time to cut back on security.”

To achieve this, the key challenge for IT security staff is to get their colleagues to understand the risk environment.

“You have to understand the business to understand the risk,” he said. “There needs to be full alignment between business needs when doing risk assessment.”

Bring plans up to date and focus on a long-term strategy, he added.

“Guide the discussion about solving technology and long-term expectations.”

And by all means, become familiar with all the latest gizmos and technology offerings being used in the corporation. To illustrate his point, Schmidt explained that when security colleagues, concerned about the privacy implications, expressed incredulity at his creating a Facebook page, he answered, “If we're not using it, how are we going to understand it?”