Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Network Security, Security Strategy, Plan, Budget, Incident Response, TDR, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

RSA 2013: CISOs make security – and business – sense of new technologies

CISOs from various industries on Tuesday shared pragmatic ways to engage corporate decision makers on emerging technologies – particularly, those that implement or address trends like Big Data or bring-your-own device (BYOD).

Security executives from RSA, Johnson & Johnson, JP Morgan Chase, T-Mobile USA, and Automatic Data Processing (ADP) spoke at the RSA Conference in San Francisco on the benefits of rolling out Big Data projects.

Roland Cloutier, vice president and CSO of Roseland, N.J.-based payroll service provider ADP said Big Data, which involves aggregating, searching and analyzing voluminous information sets to make intelligent business decisions, is a game-changer.

“If you're business is going to survive, you are going to have to use Big Data,” Cloutier said. “It's a new way to look at the data in your organization.”

Speaking of emerging technology, Anish Bhimani, chief information risk officer at JP Morgan Chase, said that when protecting corporate mobile devices, or those brought into company networks through BYOD, a one-size-fits-all approach won't work.

Successful mobile security efforts should, for one, take into consideration which mobile platform employees use, he explained. Android, for instance, has had a particularly checkered history concerning malware threats to users.

“Assume the endpoint is untrusted,” Bhimani advised attendees, calling it a “liberating” approach. “Then you can design all your controls around that [notion]."

Marene Allison, worldwide vice president of information security at Johnson & Johnson, said that often times management makes the mistake of thinking BYOD saves organizations money – as they are cutting out the cost of supplying devices to employees. But investing in security for these smartphones and tablets actually proves to be more expensive, she said.

In regard to convincing management that investments in an array of emerging technologies are vital to business operations, Allison said security pros should explain the ins and outs of the latest industry buzzword or solution.

“Once you start having that dialogue, you become the go-to source no matter what,” Allison said. This will show management – even those faced with tight or shrinking budgets – to realize “you can't afford not to do it."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.