Computer Associates International (CA) senior vice president and chief security strategist, Ron Moritz, has called for a radical redefinition of security management and urged that organisations integrate their business continuity, physical and cyber security functions.
In a keynote session at the recent RSA Conference in San Fransisco entitled 'The physics of security: from containment to enablement', Moritz called for an end to current fragmented approaches to access, authentication and auditing operations. He stressed the need for total security management across IT and facilities systems in order to enhance responsiveness to new threats and reduce business risk.
"If someone is using their ID badge to gain access to a facility in one city while they are apparently logging into one of your systems from an access point somewhere else, you should know that," Moritz explained.
"That is just the simplest example of the type of vulnerability that goes away once you take a more integrated approach to enterprise security."
Moritz suggested the further convergence of responsibilities under the chief security officer (CSO), including business continuity, privacy controls, regulatory compliance and private/public-sector partnerships against crime and terrorism. This convergence requires leadership by individuals with unique skills that encompass both technology and business.
According to Moritz, as security management becomes more of a 'board room' issue, CSOs must develop new skills to manage security - which is a horizontal, enterprise-wide discipline - across corporate cultures that are still organised in traditional vertical units.
Those limits are essential to avoiding the dangers of theft, damage and lawsuits, according to Moritz. The security model has shifted and much of the work should now be about enabling and supporting the controlled release of information.
For more information contact Computer Associates, 011 236 9111.
© Technews Publishing (Pty) Ltd | All Rights Reserved