Identifying security innovation strategies
by Mirko Zorz - Editor in Chief - Monday, 14 April 2014.
Regarding innovation, a few major trends are top-of-mind with IT professionals and security practitioners – Big Data, Cloud, SDN and Mobility. While these trends offer tremendous business benefits to organizations that can leverage them, they have the added challenge that LOB wants them ASAP and will work around IT to get them. IT may be willing to provide the capabilities but must ensure their duties to the corporation are met – that is the essence of one of items that keeps them up at night.

In addition, with respect to KTBR, IT needs to ensure that widespread breaches aren’t going to impact them. This means making sure that protections in place are adequately manned, and have appropriate processes in place to succeed in the face of a determined attack, whether launched from a POS terminal or the internet. Basically, do we have the right people trained, are the best tools in place, and are the appropriate processes being followed?

From an IT security perspective, we are anxious about where the breeches will occur, will we respond quickly enough, will we follow our existing security-privacy practices and policies. Are we doing enough to protect our customers’ data, employees’ personal data, our organizations’ data & intellectual property?

How can we make information security ubiquitous for all users on every device?

A great vision! From Intel’s perspective in the industry, it has been exciting to apply Moore’s law to making security measures easier to deploy, more efficient and more hardened. And it’s exciting to see OSVs improving security in devices of all types. But ultimately, ubiquitous information security won’t come from technology alone. It’s going to require user learning and a change in habits, and that may be much more difficult than any technology innovation.

When you look into your crystal ball, what security challenges do you see in the near future? What should we start preparing for?

We need to keep striving for highly resilient and trusted code execution. Today’s curated app stores offer users some security benefits, but we need to assume and plan for malware to break those protections and to escape detection. Which begs the question, how can we create strong isolation and protection for data and credentials in dirty environments? I’m excited that the next few years could bring real advances.

Also we need to complement our security thinking with a commitment to “privacy by design.” Some innovative thinking on this front has come from the Privacy by Design Centre of Excellence. My Intel colleague David Hoffman is an ambassador for the Centre, and David's comments are very helpful, as are the writings of Ann Cavoukian, Ph.D., founder of Privacy by Design.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Feb 8th