Not all the proven practices of the past work in today's interconnected, heterogeneous world. Here's what you need to do differently.
"We shall fight on the beaches. We shall fight on the landing grounds. We shall fight in the fields and in the streets. We shall fight in the hills. We shall never surrender," said Winston Churchill in his famous June 1940 speech in the face of Nazi attacks on England. His earlier commitment to the goal of victory, "however long and hard the road may be," is an apt analogy to the security battles that enterprises face.
The bad guys are persistent and sophisticated, and they're making inroads. It is hard to be optimistic when customers, investors, and regulators expect us to totally protect precious assets and preserve privacy, while some governments and vendors on whom we depend are themselves compromising our data, software, and networks.
The fight for security is harder than ever. Most organizations are fighting today's war with yesterday's tools and approaches -- such as protecting perimeters with passwords and firewalls -- and losing. There is too much emphasis on walling off our data and systems, and a misplaced belief that the secured-perimeter approach is adequate.
We've talked to dozens of security experts, industry experts, and business executives to come up with a better framework for security today. What follows is that framework.
This story, "How to rethink security for the new world of IT," was originally published by InfoWorld.