Internet of Things
IoT Viewpoints explore the IoT opportunity in 2018 and beyond. Download our latest e-book to get our newest collection of thought leadership articles on the emerging IoT trends, technologies and opportunities.
Despite a continuing string of high-profile information security breaches, many organizations still have a very poor understanding that they will certainly be subject to similar failures. There is also a lack of planning regarding how to react when these events occur. CEOs and executive boards need to ensure that information security is consistently on their agenda, and that there is a clear mandate at a senior level to assess risk, report status, and respond to incidents.
Certainly, most businesses will have the appropriate security solutions in place, and can point to malware detection, firewalls, email security measures, identity and access management, security intelligence, and any number of other elements designed to keep attacks at bay. However, the majority of security breaches are attributable to failure of process, rather than of technology, and organizations need to take an end-to-end business-focused view of their security planning and response.
It is interesting to compare the ways in which we treat financial and information resources within our organizations. The CFO has an absolute mandate to put in place the checks and controls that ensure financial resources are monitored and accounted for to the last penny. This culture is second nature to all employees, in that we know that accurate billing must take place, expenses must be accounted for, and the defined procedures are followed to the letter.
Contrast this with the way that information is treated in most organizations. There is rarely anyone with a clear mandate at a senior level to manage and safeguard information, and very few controls in place that monitor information in any way that mirrors these financial processes. The security measures attempt to erect fences, but they don’t track what happens to the assets that sit behind them. This is somewhat akin to locking the till, but never bothering to count what is in it.
Organizations must therefore put greater emphasis on the value of information assets and the processes in place to protect them, as well as the awareness of these controls by all employees and stakeholders. They must be able to report swiftly, accurately, and simply on the status of these assets and their controls at board level, giving a clear picture of information security risk and response in the context of business operations.
Straight Talk is a weekly briefing from the desk of the Chief Research Officer. To receive this newsletter by email, please contact us.
Consumer & Entertainment Services
By Adam Thomas 28 Mar 2018
With US pay TV having endured the worst year in its history, thoughts have inevitably turned to the future. The likelihood remains that the immediate future will remain highly uncomfortable for everyone except the scaled multinational digital platforms.
By Evan Kirchheimer 26 Apr 2018
Service provider interest in justifying 5G investment through its potential to open new revenue streams from the enterprise segment is growing ever greater.
Europe, Middle East & Africa team - +44 (0) 207 017 7700
Asia-Pacific team - +61 (0)3 960 16700
US team - +1 646 957 8878
Already an Ovum client? Login to the Knowledge Center now