CIOReview
Sign In

Subscribe to our Weekly Newsletter to get latest updates to your inbox
| | May 20178CIOReviewCompanies need the flexibility to transform the way they do business in order to meet the market demands and security needs to transform its thinking. We know that technology hasn't stopped evolving therefore adoption continues to grow at a rapid rate. This means security has to stop being viewed as the sales prevention team. The fact is security must become nimble enough to react to the changing demands and priorities of their business partners or they will be pushed aside in the interest of growing the bottom line. So how does security raise itself to the right level and be a key priority for the business. Education and awareness is one key to how you cultivate the security behaviors necessary for success, and even better if you can make it a key corporate goal or priority. One example is educating people about the harm that can be done by clicking on links from unknown sources to raise their awareness to phishing and other malicious activity. This process must be closely followed up with testing them on how well they're performing and is an excellent way to keep employees on their toes. Keep in mind that educating them on what happens when security isn't a priority is also a great way to change behavior. No one wants to be the person that is deemed the weakest link. Many people have tied this to performance goals of their employees with good success.Today's digital transformation requires security professionals think outside the box and develop new ways of handling the dynamic way our companies adopt and use technology. Some are moving towards developing a `cloud first' strategy which means they are moving as much as possible into cloud based service offerings or `as a service' models. Cloud creates unique challenges for many companies who have a perception that they will lose control of their data, could suffer catastrophic outages or data breach. These are all the same concerns they should have with in-house systems which often isn't the case. I have a strong opinion that some companies would increase their security posture if they moved to the cloud for some of their basic back office automation capabilities like email, calendar, etc. There are also plenty of options for `brokering' the move to the cloud which can help eliminate some The Goldilocks Theory for Risk ManagementBy Patricia Titus, Chief Privacy & Information Security Officer, Markel Corporation [NYSE:MKL]As companies continue to adopt cutting edge capabilities and technologies to help build the bottom lines, security must do the samePatricia TitusIN MY OPINION
< Page 7 | Page 9 >