InfoSec: Cybersecurity expert says preparation key to business survival

Share this article:
Howard Schmidt, (ISC)2 security strategist; former cybersecurity adviser to the White House
Howard Schmidt, (ISC)2 security strategist; former cybersecurity adviser to the White House
The world is more interconnected than ever before, with an estimated one billion devices connected to the internet, and in the next three to five years, that figure will double.

Not only does this present challenges to those security professionals charged with guarding corporate networks against attacks, but it presents opportunities as well to make a difference in their enterprises.

This was the groundwork laid out by noted security expert Howard Schmidt in his keynote address to start off the CISO Executive Summit last week in Orlando, Fla., a daylong series of presentations and panels preceding InfoSec World.

“Technology has been great for us,” the (ISC)2 security strategist and former White House cybersecurity adviser told the approximately 50 IT executives at the meeting. “But what could someone do against it? What's coming next? We don't know. If we knew we could do a better job preparing."

One priority he pointed out was to stop bugs in software and firmware: “We've got the tools now to find vulnerabilities,” he said.

In advising the audience on how best to make a difference in today's environment, he said that data is gold today.

“Pull people around the table who own the data,” he said. The message that must be conveyed: “This is not the time to cut back on security.”

To achieve this, the key challenge for IT security staff is to get their colleagues to understand the risk environment.

“You have to understand the business to understand the risk," he said. "There needs to be full alignment between business needs when doing risk assessment."

Bring plans up to date and focus on a long-term strategy, he added.

“Guide the discussion about solving technology and long-term expectations.”

And by all means, become familiar with all the latest gizmos and technology offerings being used in the corporation. To illustrate his point, Schmidt explained that when security colleagues expressed incredulity at his creating a Facebook page, concerned about the privacy implications, Schmidt answered, “If we're not using it, how are we going to understand it?”
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

Federal Trade Commission appoints new chief technologist

The government agency has announced Ashkan Soltani as its new chief technologist, according to a release.

Cybercriminals continue to piggyback on Ebola news

Email samples discovered by researchers at Trustwave reveal how attackers are infecting users with the DarkComet Remote Access Trojan.

ISA president urges state AGs to expand understanding of cybercrime

Speaking at a National Association of State Attorneys General conference, ISA's Larry Clinton asked the AGs to step up efforts to get more resources.