From: NetworkWorld
By Jon Oltsik
Leading organizations are investing in new controls for sensitive data protection
CISOs tend to spend the bulk of their cybersecurity technology budgets on endpoint, server, and network security controls. Okay, this makes sense from a historical perspective but these IT assets are in a state of flux today. Endpoints are often mobile devices rather than Windows PCs while servers are virtual or cloud-based workloads. Meanwhile, networks are also moving to a virtual model composed of public and private network segments.
It’s clear that organizations embracing new cloud and mobile infrastructure have less control of some IT assets than they did in the past. What does this mean for security? One CISO I spoke with a while ago gave me a very succinct answer to this question: “As I lose control over IT infrastructure, I better make sure I have tight control over two other areas – sensitive data and user identity.” In this security executive’s mind, data security and identity and access management (IAM) are rapidly becoming new security perimeters.
Leave a Reply