When Security is in the DNA: The Canopy Announcement

Last week, Atos, VMware and EMC announced the creation of a new company, Canopy, dedicated to providing cloud services. One of the best things about this announcement, from my point of view, is knowing that for Canopy, security is no afterthought. This time, it’s part of the DNA. You may have heard of Atos as [...]

Walls Aren’t Enough

The bad guys are getting smarter, more creative, and more persistent, so what are we doing in response? I can’t tell you how sad it is to hear some of the things when asking how companies are shifting their security programs in order to combat advanced threats.

Protecting IP with RSA DLP Policy Workflow Manager

Whether it’s data that’s governed by regulations or vital to a company’s competitive advantage, every organization has information they’d like to protect from outsiders. One logical place to start when looking to protect this information is with a Data Loss Prevention (DLP) tool. But what many companies struggle with is how to figure out what information is sensitive for different groups and how it should be handled. Everyone knows that there is highly sensitive data across the organization that needs to be protected, but how do business managers let the IT security team know what specific data needs to be protected?

Putting Together the Pieces in Europe

I recently returned from Berlin after attending the EMEA RSA Channel Partner Council with the purpose of discussing RSA’s Security Management and GRC strategies within Europe. For many of the RSA channel partners, this was their first exposure to these concepts. Channel partners have a unique perspective because they are on the front lines selling products and providing implementation services. Their success is directly influenced by RSA’s ability to provide the right training, messaging and tools to make them effective.

Control Clusters: Breakfast of Champions

The “team sport” theory can be applied to a company’s control environments as well. The classical “defense in depth” approach quickly comes to mind. Controls always depend on a collection of activities. As Risk and Compliance professionals, we all know the “single point of failure” is a verboten persona non grata.

From RSA Conference China: Balancing “Haves,” “Shoulds” and “Wants” with GRC

I just participated in the first ever RSA Conference China, so while I am taking a moment for my Peking duck to digest, I wanted to tell you about the experience and relate some of my thoughts coming out of the event. Presenters from all over the world, including some from China’s government ministries, covered topics including cloud computing, core information security, fraud and virtualization. The well-attended event was another indicator of the global nature of business and created much buzz in the local industry. I had the honor and privilege to present on enterprise governance, risk and compliance as a core business philosophy and its importance in achieving strategic business objectives.