This year, the information security industry has given all of us a gift of sorts: a bumper crop of innovative new tools. That, of course, is at least in part because the bad guys have offered up their own gifts, and they are more like the proverbial lumps of coal in our stockings than they are like diamonds and jewels.
This issue is always a sort of early holiday party for me. I get to chat with colleagues and I get current on not only what is new, but on what is coming up. That look into the future, usually under nondisclosure, probably is the most fun.
Like most of you, I am tasked with keeping the organization safe from online bad guys. These days, I am in academia, but along with running Norwich University's Center for Advanced Computing and Digital Forensics and teaching, I am the university's CISO. So I have the same vested interest that you do in staying as up to date as I can on the information assurance world.
We are fortunate to have a rather secure environment, even though we house a couple of thousand students, many of whom are very skilled computer users. Being students, there is no shortage of mischief among them. Because of the advanced tools that our IT department deploys, though, we stay pretty tight. Many, if not most,
of those tools have appeared in these pages. Some, I am pleased to say, have been SC Magazine Innovators and there is even a Hall of Famer or two in our inventory.
What all that boils down to is that the combination of the opportunity to discuss what's next with these creative companies and the exposure to the same types of challenges that you face puts us in a good position to bring you the best of what's out there for your security tool kit. We have a very picky IT department at Norwich. They don't take on a security tool lightly. They test and deploy in a sandbox and then they roll it out, gently at first, and then they tighten it down. So I was pleased to note that a trend among our Innovators this year was ease of use.
Further, compliance is as big an issue for us as it is for many of you. The trend for years has been that any security tool worth its salt must help with the compliance challenges that most of us face. This year, compliance was not part of the creative mix because for just about all of these companies under review it is already assumed to be baked in. Two years ago, compliance could be counted on to spawn creative new approaches to documentation, policy development and deployment of appropriate levels of protection. Safeguarding the network was no longer enough. Then we had to show – in appropriate format – that we were protecting our data. Today, though, it is assumed.
So the bottom line, if there is one this month, is that it has been a great privilege for me to work for two organizations that are so closely in tune. For the pages of SC Magazine, I get to see a lot of great products, creative organizations and smart people. For my other job, I get to apply what I learn directly in our IT shop, my university's center and in my classes. That gives me a unique perspective. And that perspective, this year, is my holiday gift to you. Enjoy!