The need for a unified strategy will grow more urgent. From a corporate risk management perspective, IT security is not just for keeping viruses, hackers and crooks at bay; it's also critical in order to stay compliant with regulations, avoid litigation and indictment, and prevent escalating insurance premiums.
But if IT security isn't integrated into an enterprise risk management strategy, CIOs and CSOs are less likely to consider the entire risk picture when they develop an IT security strategy. As a result, fundamental questions such as how much risk is acceptable are being overlooked. Integrating security and risk strategy won't take place overnight—it's too big a shift in how security is understood for that to happen, and requires a change not just in security policy but in security governance—but it will take place over time.
-
The Role of Standards in Cloud Security
Security is often cited as a primary cause for concern...
Watch Now -
Ensuring Resources for Mission Critical Workloads
Application workloads can thrive in cloud environments,...
Watch Now -
Improving Security in the Public Cloud
One of the main concerns about moving data to a public...
Watch Now
