Proactive Security Management - “The next BIG focus“

IT Trends and challenges:

World is becoming Instrumental, Interconnected and Intelligent. IT security teams in enterprises are faced with rapidly mutating threats at every possible point of entry. This is fuelled by the fast evolution of threat landscape and sea of changes in network and security architecture.

  • Changing network paradigm
  • Network has taken center stage – Wired or wire-free
  • Excitement starts from data center
  • BIG data – A true differentiators
  • 100% up-time
  • BYOD demand
  • Rapidly mutating threats
  • Roll out new services



PC era                                    Cloud era / Visualization

Deploy -                                 Deliver

Lock-in –                               Option

Rigid –                                   Elastic

Fixed cost –                           Variable

Complex –                              Simple

Simply summaries as Evolution VS Revolution. This underlines today’s situation Security is no longer optional.

(Read more: Concept note - CISO Recommendation Index- A community based product rating framework)

At the same time let us look at what business wants?

  • RoI – Or more than that
  • Aligned with IT (and Finance)
  • Technology updates
  • Skill set
  • Capex VS Opex
  • Tangent VS in-tangent

Now and into the future

So, what is stored for IT?

The challenge – Stability VS growth

Every improvement is a change, which calls for change management. It calls for a Strategic case:

  1. Necessitating
  2. Different potential
  3. Can we afford?
  4. What is the main driver?

If it is unplanned, it may end up in RoNReturn on Negligence. It becomes important for measuring IT Savvy. By using newer gadgets at different levels, it is improper to consider as IT Savvy organisation. Better to consider other points as well to quantify.

  1. Internal and external communication
  2. Internet use
  3. Digital transaction
  4. Organisation-wide IT Skills and Cyber (Law) awareness
  5. Business management – Involvement
  6. Compliance
  7. Certification
  8. Indian (Country Specific) context
  9. Roll back – What sort of data and when? – Basically point to RISK management
  10. Data recovery

(Read more:  Top 5 Application Security Technology Trends)


  • “IT” is at the heart of organisational identity
  • We are good at what we are doing.  (But needs lots of muscle..!)
  • Data Driven or intuitive
  • Allocation of capital and manage risk in a policy manual
  • Shared services and Process integration method
  • Global sourcing with SLAs.

One needs to enhance INFOSEC department with capability for different level of services and appropriate timely training. To lead the way, need security management tools that give continuous visibility into network; non-disruptive ways to proactively assess the risk of attacks. Allow to handle intelligent, actionable security recommendations. This is to make existing defences more effective at minimising vulnerabilities and risk.

Organisations typically maintain large application estates to power the business. It is well known fact that applications represent one of the most vulnerable channels. Therefore, organisations require an experienced security team with a core understanding of how to deal with application environment and project to the management.

Latest trend is so horrible, firewalls; IPS, gateways and Antivirus solutions are nearly defenceless against new threats like Advanced Targeted Attacks. Every organisation is at risk to this next generation of threat. By assessing “callback” information one can begin to take more realistic look at the threats, organisation will likely face, and the steps needed to guard against those attacks.

More:  Want to be an author? Nominations open for co-authors of CISO Handbook    



Views: 269

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform


Security Trends and Emerging Technologies That A CISO Should Adopt In 2021

Started by Priyanka Aash Mar 3. 0 Replies

What are the challenges you as a CISO have been facing since the last year and share some security trends that are catching up? Help the community by sharing your knowledge and personal views on this subject. Or if you have any specific questions…Continue

CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30, 2020. 0 Replies

Share the instances where you were able to convince the Executive management /board that CISO function is enabler rather then a hindrance.Thanks youMaheshContinue

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by Yogesh Nov 19, 2020. 2 Replies

(question posted on behalf of a CISO member)Has anyone evaluated digital signature (like Docusign), any specific risk/ security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.Continue

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20, 2020. 4 Replies

(question posted on behalf of a CISO member)What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?Related Question: …Continue

Follow us

Contact Us


Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2021   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service

/* */