RSA's Art Coviello spells out security challenges ahead

Coviello gives his insights on the security landscape and what needs to be done by CIOs to counter the relentless onslaught of threats
Page:

Art Coviello, President of RSA and Executive Vice President of EMC Corporation, talks to Computerworld's Siobhan Chapman about enterprise threats, IT security spend and the rising threat posed by social networks.

This year has seen a multitude of lost and unsecured laptops leading to data leakages. Will enterprises ever learn?

Enterprises are beginning to get to grips with a fundamental truth: that they cannot expect users to do the right thing at all times with company data. It is too much of a burden on users to expect them to be the primary stewards of corporate security policy over their laptops, desktop PCs and mobile devices. As a result, enterprises are turning to data loss prevention solutions that are designed specifically to combat this problem without the need for user intervention. Using this approach, corporate policies are pushed thorough the fixed and mobile environment and can actually help decide, based upon the type of data, on what to allow and what not to allow. With this in place, you can determine what is safe and permissible, what is unsafe and should be prevented, or what is risky but requires administrator alerts.

This type of technology puts the responsibility and burden of control of sensitive company information in the hands of security professionals - and not onto the end-users. The infrastructure needs to be able to protect itself and the data that transacts through it. You will be charged millions for embarrassment, but not one cent for defense.

Should companies be more open about whether or not they have had a data security breach and the damage caused?

The reality is that many organizations today are still not in a position to determine exactly what has transpired - or to what extent - when a breach occurs. This is because they are often not equipped with a complete view of all the data that is produced by, stored in or that passes through their network in the first place. It's a major issue, but a critical one if businesses are to gets their arms around the digital explosion and get themselves into a position to manage the data they have holistically and appropriately. I would like to see companies focusing their efforts on clearing this hurdle and managing their complete information landscape according to the specific, associated risks.

Page:
More about: EMC, Financial Institutions, Gartner, Leader, Leader Computers, Motion, RSA, Vigilance

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/14/gimp/

GNU Image Manipulation Program (GIMP)

When you think Open Source software, you may think of half-baked programs too hard to use, or perhaps lacking power. Well, think again. This Open ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia