The Two Cornerstones of Next-Gen Cybersecurity (Part 2)
In my last blog, I described a new security mindset to address the lack of control associated with “shadow IT.” As IT loses control of some of its traditional assets, my suggestion to CISOs is to double-down on security controls and oversight for the things they still own. In my humble opinion, there are two key areas to focus on: ensitive data and identity. Everything else – applications, endpoints, networks, and servers – must kowtow to these two cornerstones and enforce specific data security and identity policies.
In Part 1 of my blog, I described how data security must become smarter about the sensitivity of the content and where it resides across enterprise and 3rd party networks. Aside from deeper data intelligence however, we also need much deeper identity intelligence than the basic user name, password, and role descriptions we have today. This makes identity the other cornerstone of next-generation cybersecurity.
As enterprise IT morphs into “shadow IT,” identity management will act as an anchor and must include:
To read the complete article, CLICK HERE