InfoSec: Cybersecurity expert says preparation key to business survival

Share this article:
Howard Schmidt, (ISC)2 security strategist; former cybersecurity adviser to the White House
Howard Schmidt, (ISC)2 security strategist; former cybersecurity adviser to the White House
The world is more interconnected than ever before, with an estimated one billion devices connected to the internet, and in the next three to five years, that figure will double.

Not only does this present challenges to those security professionals charged with guarding corporate networks against attacks, but it presents opportunities as well to make a difference in their enterprises.

This was the groundwork laid out by noted security expert Howard Schmidt in his keynote address to start off the CISO Executive Summit last week in Orlando, Fla., a daylong series of presentations and panels preceding InfoSec World.

“Technology has been great for us,” the (ISC)2 security strategist and former White House cybersecurity adviser told the approximately 50 IT executives at the meeting. “But what could someone do against it? What's coming next? We don't know. If we knew we could do a better job preparing."

One priority he pointed out was to stop bugs in software and firmware: “We've got the tools now to find vulnerabilities,” he said.

In advising the audience on how best to make a difference in today's environment, he said that data is gold today.

“Pull people around the table who own the data,” he said. The message that must be conveyed: “This is not the time to cut back on security.”

To achieve this, the key challenge for IT security staff is to get their colleagues to understand the risk environment.

“You have to understand the business to understand the risk," he said. "There needs to be full alignment between business needs when doing risk assessment."

Bring plans up to date and focus on a long-term strategy, he added.

“Guide the discussion about solving technology and long-term expectations.”

And by all means, become familiar with all the latest gizmos and technology offerings being used in the corporation. To illustrate his point, Schmidt explained that when security colleagues expressed incredulity at his creating a Facebook page, concerned about the privacy implications, Schmidt answered, “If we're not using it, how are we going to understand it?”
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Beazley: employee errors root of most data breaches, but malware incidents cost ...

Insurance firm Beazley analyzed more than 1,500 data breaches it serviced between 2013 and 2014.

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5

Apple issues seven updates, fixes more than 40 ...

In one of its infrequent "Update Surprisedays," Apple plugged holes, boosted security and added features.

Canadian telecom co. Telus unveils first transparency report

The company received more than 100,000 government requests for customer data last year.