Network World – U.S. Secretary of Defense Leon Panetta may be laying awake at night worrying about the threat of cyber warfare, but the typical CIO or CISO is thinking about much more mundane security threats. Wisegate, the online professional networking organization for IT and information security (infosec) professionals, has just released its report, Preparing for the Top IT Security Threats of 2013. The report reveals the typical infosec concerns that lead many CIOs’ agendas for the year ahead, as well as the strategies that these leaders are using to reduce risk for their organizations.
The CIOs and CISOs who contributed their perspectives represent a wide range of businesses and agencies. Despite their diverse business interests, the executives agreed on one major threat area that concerns them all: BYOD. Most likely BYOD is on your list as well. Among their other major threat concerns are:
The tendency for departments to engage in cloud computing without IT’s knowledge or approval
Protecting corporate data in the face of the other factors listed above
The No. 1 concern is BYOD
It’s no surprise that BYOD leads the list of concerns. This practice opens up new areas that are unfamiliar to many IT departments. Everyone is struggling with the same issues and trying to answer the same questions.
How can we prevent data theft, loss or leakage when employees are using their own consumer-oriented smartphones, tablets and applications?
What rights do we have to lock down or wipe a device that is owned by a worker and not by the company?
How can we ensure that workers keep malware off their devices that they want to connect to the corporate network?
How can we possibly support employees’ devices that sport such a large variety of operating systems, applications, firmware and mobile carriers?
Wisegate members offer some of the strategies they are using to reduce the risk of BYOD. One way these infosec professionals are leading the way is through employee awareness of security issues and good practices. According to the report, workers understand why a company-owned laptop might need to be encrypted, but they don’t understand why they can’t have Angry Birds and a PCI-compliant application on the same iPad. It’s incumbent on the IT department to create awareness, especially of “safe use” policies and procedures….
Another shot at what IT leaders prepare for their top IT security threats of 2013
Ingen kommentarer:
Send en kommentar