Image Attribute: Flickr/Creative Commons/bluecoat.com
Information Security (InfoSec) solutions is a big business. Corporations spend huge money to solve the problem(s), but perhaps the approach is not quite substantial. Overall, the industry needs to have a top-down approach. For that to work, IT leaders must communicate effectively with the board of directors and C-level executives. Here are some tips provided by Mr. Kenneth T., Vice President - Security Solutions, G-Secure Labs.
According to Kenneth in a recent interview at an online tech magazine, "InfoSec is a key focus area for Gateway Group. It is one of key growth areas globally and also the focus of our comprehensive solutions to customers. With our customers going to the cloud more often, Privacy and Data Security have become the primary areas of concern. We have deep expertise and knowledge of the various IT systems that our customers use which enables us to design and implement solutions that are most effective."
Any CIO’s top three priorities when it comes to deployment of security:
Visibility: With the IT perimeter becoming porous and borderless with a variety of systems becoming part of the IT infrastructure, CIO’s are always looking for ways to improve visibility. In any large IT environment, there are bound to be multiple blind spots in terms of physical assets, unknown applications, and even sensitive data.
Compliance: External and Internal compliance mandates are a top-of-the-mind subject for CIO’s. With the number of breaches increasing with impact brands and business propositions, Boardrooms are more vigilant and engaged with the Information Management Systems. The regulators also to ensure confidence in the system are constantly updating controls and mechanisms to counter the latest threat vectors.
Response and remediation: IT system breaches are happening at a blinding pace. Every time the InfoSec team builds a new system there is a different or a new threat to counter. In this environment, it is inevitable to be either a target or victim in the cross-fire. Most CIO’s have acknowledged that at some point there is a possibility of a serious threat, this is nightmarish. Hence response and remediation mechanisms and processes are very critical. Though the CIO always hopes for not having to use this capability but is always prepared.
Top 3 challenges faced by solutions provider when it comes to deployment and maintaining of service delivery related to security:
People: Many well-accepted reports and studies put the global figure at one million cyber security job openings. Demand is expected to rise to 6 million globally by 2019, with a projected shortfall of 1.5 million. This is very relevant for India also. InfoSec professionals are in high demand, however, the lack of quality training facilities and low awareness levels has led to fewer people with desired qualifications and experience. As a Service Provider to the clients, InfoSec solution providers need to deploy a continuous process of training for the internal teams so that they can deliver the right services to their respective clients.
Enablement: Training and career programs for professional growth are lacking in the industry. All vendors have their specific programs, which does not offer the holistic view of the security framework. What is needed is a vendor neutral approach to people training and enablement which will ensure that we have better-prepared teams to respond.
Changing Landscape: The Infosec landscape is changing at a very rapid pace. With device proliferation increasing and infrastructure becoming borderless, threat vectors have become very difficult to point out. Any InfoSec service provider has to be at par with the latest threats and mitigation strategies. It is always a catch-up game.
A "take" on Early adopters
The financial sector is the quickest to adopt the latest cutting edge technology. They definitely do not look at is only from a cost-spend perspective. For this very crucial sector being ahead of the bad guys is primary. However, most of the other industry verticals are less pro-active. ROI and TCO are still the primary focus in Technology and Manufacturing industries.
Over the last few quarters, with the rise of high profile attacks which have been covered well by media, much of the industry is now being proactive. In near future, outsourced Security will be more commonly adopted and services will be SLA driven across all the industries.
About G-Secure Labs:
G-Secure labs, the security arm of the Gateway Group which has been in this business for more than 12 years. The company is always ready to e-protect and ensure business continuity for their clients across industries including the most critical Banking, Financial services and Insurance (BFSI) segment with well-trained resources and robust backend infrastructure and knowledgebase to deliver the highest level of Security Services to the customers.
Gateway Group a global information technology services, solutions, and product engineering company is marching towards successful completion of two decades in the ever-growing IT industry. The parent organization, through its various offerings including multimedia, information security solutions and mobile development and testing services reaches their customers across 30 countries in 5 Continents.