Enterprise Security organizations often find themselves caught between the ever-changing needs of the agile business and the ever-present, ever-evolving threats to that business. At the same time, all too often we security professionals get caught up in “shiny object syndrome”, which leads us to spend poorly, allocate resources unwisely, and generally de-couple from the organization we’re chartered to defend. Knowing how to defend begins with knowing what you’ll be defending, why it is worth defending, and who you’ll be defending from… and therein lies the trick. This blog takes the issue of enterprise security head-on, challenging outdated thinking and bringing a pragmatic, business-aligned, beyond-the-tools perspective … so follow the Wh1t3 Rabbit and remember that tools alone don’t solve problems; strategic thinkers are the key.
Rafal (Principal, Strategic Security Services)
Lots going on in the enterprise space right now, including the rush to push out mobile apps. They're springing up like weeds, replacing websites, and are gaining multi-factor authentication for security... but wait, does any of this added security make sense, especially on the mobile platform?
The mobility 'revolution' in the enterprise has been a wake-up call (or a call for panic) for many enterprise IT and enterprise security managers and professionals. My pal Brian Katz, who is a mobility manager for a large enterprise, poses some fantastic questions in a blog post from his point of view, so I had to give my 'security' position as well ... the problem is, I don't think we have a solution anyone's comfortable with!