The Enterprise CIO Forum (ECF) is a community for CIOs, CTOs and IT leaders in large enterprises. It is a venue for discussing ways to leverage technology to drive mission focused outcomes and the many related factors associated with improved IT support to enterprise success. The forum is easy to join, just register at http://enterprisecioforum.com and dive right in.
The community of CIOs and technology professionals at the ECF keep the discussion lively and topics vary but at the time of this writing there is quite a bit of discussion on ways to enhance support to business missions through smart cloud computing technologies/practices. There is also a clear emphasis on enterprise cyber security issues in recent dialog at the site. These topics of cloud and security are very closely related. We all seek the benefits of cloud computing but we want them with confidence that our data is protected and always available.
CIOs are seeking and posting new ideas and concept on topics like proactive, intelligent and manageable security solutions. We have all long realized that the old methods of reactive, perimeter-based approaches to security are not sufficient and with the acceleration of mobility solutions into almost every enterprise this point is underscored. Enterprises must have full spectrum defense in depth solutions that address the new shifts in enterprise IT.
Here are a few examples highlighting the dialog underway:
Christian Verstraete posted a terrific piece titled “Keeping Cloud in mind when you look at your security” where he underscored the shift we all need to make from reactive to a more proactive security strategy and captured very well the fact that old models that tried to seek 100% security are just not appropriate anymore. The modern security world requires an ability to take a comprehensive view of the enterprise, the threats and the dynamically changing nature of enterprise IT and move from old defend the perimeter/reactive models to more proactive models. Being proactive doesn’t mean you stop everything you have previously been doing. But it does mean you need to pay more attention to the threat and anticipate more of their moves and be able to take action in advance of an attack to enhance your defenses. Additionally, recognizing no system will ever be 100% secure means we must have ways to operate and serve the mission with a presumption of breach, so damage by an attacker can be minimized, stopped and systems restored to full function fast.
Ken Larson provided an excellent piece that hit on themes we all need to think through. Like the tendency to treat data center security like fortress security. His entry, titled “3 Focal Points for Data Center Protection“, respects the fact that datacenters must have secure facilities, networks and infrastructure, but highlights new focal areas that must be considered and addressed because of the changing world of enterprise IT: 1) Threats/vulnerabilities, 2) Legal and Regulatory environments, and 3) New IT assurance capabilities including new ways of agile governance.
Those pieces are just a sample of the dialog underway at the ECF. Please visit today and register and join this dialog.