RSA CISO Eddie Schwartz says he spends more time talking to other chief information security officers and IT security practitioners today than he did a decade ago, when he held the same job at Nationwide Insurance Co.
Acquiring information security wares gets more complicated every day - some 1,000 vendors offer 150 categories of products - so it's unreasonable to expect even the most informed chief information security officers to know everything about them.
Gartner's Tom Scholtz doesn't see a shortage of technically skilled IT security practitioners. But he perceives a dearth of infosec pros who truly understand how security links to an enterprise's business goals.
Gartner's Peter Firstbrook, to illustrate the vulnerability of IT systems, cites research that pegs at about 400 days the average time a targeted virus remains undetected on a computer. And, he says, that doesn't speak highly of the current offerings from security vendors.
Georgia Tech Research Institute is beta testing a malware intelligence system that research scientist Chris Smoak contends will help corporate and government security officials share information about the attacks they confront.
What are the top challenges with the bring-your-own-device trend? Stephen Midgley, vice president of global marketing at Absolute Software, says the top issue is organizations not knowing where their data is located.
As BYOD continues to become more commonplace, mobile application risk management aids in identifying the risks on those devices and implementing policy to protect enterprise data, says Domingo Guerra, president and founder of Appthority.