Apac
  • Home
  • CXO Insights
  • CIO Views
  • News
  • Conferences
  • Newsletter
  • Whitepapers
  • About us
Apac
  • Admired Tech

    Agile

    AI Healthcare

    Artificial Intelligence

    Augmented Reality

    Aviation

    Big Data

    Blockchain

    Cloud

    Cryptocurrency

    Cyber Security

    DevOps

    Digital Transformation

    Drone

    HPC

    Infrared

    Internet of Things

    IT Services

    Marine Tech

    Networking

    PropTech

    Remote Work

    Robotics

    Scheduling Software

    Sensor Tech

    Simulation

    Smart City

    Software Testing

    Startup

    Storage

    Unified Communication

    Web Development

    Wireless

  • Automotive

    Banking

    Capital Market

    Construction

    E-Commerce

    Education

    FinTech

    Food and Beverages

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Pharma and Life Science

    Retail

    Sports

    Travel and Hospitality

  • CISCO

    Google

    IBM

    Microsoft

    Oracle

    Salesforce

    SAP

    ServiceNow

  • Business Intelligence

    CEM

    Cloud-based Planning

    Cognitive

    Collaboration

    Compliance

    Contact Center

    Contact Tracing

    Contactless Payments

    Corporate Finance

    CRM

    Custom Software Development

    Data Center

    Digital Signage

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Communications

    Enterprise Contract Management

    Enterprise Performance Management

    ERP

    Facility Management

    Field Service

    Fleet Management

    Gamification

    HR Technology

    IT Infrastructure

    IT Service Management

    Managed Services

    PLM

    Procurement

    Product Management

    Project Management

    RegTech

    Revenue Management

    Sales Tech

Menu
    • Compliance
    • CISCO
    • Collaboration
    • Contact Center
    • Healthcare
    • IT Service Management
    • Microsoft
    • Retail
    • MORE
    #

    Apac CIO Outlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIO Outlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    • Compliance
    Editor's Pick (1 - 4 of 8)
    left
    Welcoming Big Data Technology amidst Changes

    Darren Cockrel, CIO, Coyote Logistics

    Leveraging Compliance to Your Advantage

    Mark Bloom, Global CIO, Aegon

    Demystifying the Role of IT in Millennial Organizations

    Jeff Fithian, VP, Strategic Initiatives and CIO, Dynamic Materials Corporation

    Lessons Learned from a CIO

    John Miller, Vice President and CIO, American Textile Company

    Digital Transformation: Prerequisites for Success in the Insurance Industry

    Nicole Kellenberger, Global Eadmin Lead, Swiss RE and Sven Scandella, Head of ITP&C Business Management, Swiss RE

    Compliance in the Cloud

    Vasyl Nair, Chief Risk Officer, Mine Super & Louis Leung, Executive General Manager Group Risk and Compliance, Mine Super

    Lessons Learnt on Compliance and Culture Change

    Paula Cristina Spirandio, Compliance Manager, Gunvor Group

    Vinayak Bindal, Sub-Regional Compliance Officer, Sea, Merck

    right

    Productivity and Security- Can you ever have both?

    By Julie Cullivan, SVP, Business Operations & CIO, Fireeye

    Tweet
    content-image

    Julie Cullivan, SVP, Business Operations & CIO, Fireeye

    Risk. It’s a four-letter word in more ways than one. Fear of risk makes us wait, put things on hold, and potentially cost us something: an opportunity, a competitive edge or an account.

    Sometimes it’s not only worth it to take a risk, it’s necessary. Businesses may need to change the way they do business, and that change may require a certain amount of risk.

    What many companies don’t believe is that it’s possible to do both—be productive and maintain security.

    Enterprise Risk Management

    The cyber security world is fraught with risk. And while we like to feel secure the fact is, breaches are inevitable. There is no question a security breach can happen to even the most prepared organisation, thanks to savvy, sophisticated threat actors. We develop a new way to protect ourselves and before it’s even in place, some hacker is ahead of the curve with a way to sneak past it. So if you can’t guarantee a breach won’t happen, the best you can hope for is to lessen your exposure to risk. Enterprise risk management is the best way to approach that.

    There are three fairly straightforward steps to managing risk:

    1. Measure

    2. Discuss

    3. Negotiate

    1. Measure: Your first task is to accurately measure your level of vulnerability. Just how much risk are you willing to accept? Zero risk is probably not an option for most of us. Just having a computer or a mobile device means there’s a potential for a breach. So first determine how risky it is, and then decide whether a new way of doing business is worth that risk. Say you’re considering whether to allow your employees to use a cloud application to store and share files. Is the need for them to share instantly more important than the risk of opening your network up to possible malware-infected documents?

    2. Discuss: It’s important to have buy-in from people across the company. A working team composed of cross-functional representation can do a lot of the legwork on the front end to assess the risk and how it will impact the company’s productivity. A decision to roll out a new HR system may impact finance, or may mean sales people on the road now need mobile access. This team can address the concerns and calculate the risk involved in implementing the new capabilities. Regular meetings are key here, because businesses, and their needs, change–but so does the threat landscape.

    A Security Breach Can Happen To Even The Most Prepared Organisation, Thanks To Savvy, Sophisticated Threat Actors

    Input from various stakeholders ensures you’ve thought of everything before taking an idea to the top-level decision makers.

    3. Negotiate: Consider creating an executive security steering committee. During regular meetings, this team should be updated on where the company currently is security-wise, and discuss security concerns that need to be addressed at the executive level. Sometimes you’re faced with a higher level of risk than you’re used to, and you may get push back from folks who are unwilling to take that leap of faith. If your working team has already discussed the pros and cons and concluded that it’s worth the risk, your executive team has the input they need from across the company to make an informed decision. This team should meet quarterly but may be needed in the meantime if a security need arises. Above all, it is key that this team understand that security is not simply an IT concern–it is an enterprise concern with company-wide implications.

    “The right combination of technology, intelligence and expertise can go a long way to protect your company’s network while keeping your company’s doors open for business”

    Lock the Doors

    While it may sound dramatic, an organisation needs to secure the perimeter before anything else. How secure are your firewalls? When is the last time you updated your anti-virus protection? Regardless of your answer, you probably aren’t doing enough to keep your company secure. Cyber attacks easily bypass traditional signature-based tools, which means you need a security platform that not only works to prevent a breach, but also detects possible attacks and helps you analyze and if necessary, responds.

    The Cloud and mobile devices are hot targets for hackers looking for a way in. The last thing you need is for an employee to potentially bring something into your environment by plugging in their mobile device into your secure network. The bad guys may already be targeting you from outside–don’t make their job easier by having one of your own inadvertently being the malware messenger. Does that mean you shouldn’t adopt a BYOD mentality? Not necessarily. Mobile access is the key to many business needs and can help your employees stay productive. It simply means you need to make sure you’re as protected as possible.

    And if your system gets compromised, you’ll need tools to respond and contain the breach and mitigate loss. These types of tools take time to implement, and your working committee and executive steering committee should discuss these as soon as possible to they’re prepared for the worst. The right combination of technology, intelligence, and expertise can go a long way to managing a compromised network and keeping your company’s doors open.

    Decisions

    Business needs change over time. When you’ve got to decide whether how to meet your changing needs, the decision ultimately comes down to a tradeoff between productivity and security. Things to keep in mind at this stage are the potential business impact, the impact on productivity, whether it will help drive the business or deliver service to a customer. These factors must be taken into account when determining whether to undertake a move that may carry additional risk.

    Other concerns: How important is this change to the company? Is it impeding the business’ operations to keep the status quo? Will this change open your company up to potential data leakage or privacy concerns?

    The bottom line is: you can have a balance between productivity and security. Keeping your company (and your customers) secure cannot mean total lockdown, because no one can do their work. Find a level of risk you’re comfortable with, take the necessary steps to protect yourself as best you can, and have a plan in place to contain a breach in the event it happens. And know that you’ve done everything you can to eliminate one four-letter word from your vocabulary, or at least, to tame it.

    tag

    Enterprise Risk Management

    HR

    Weekly Brief

    loading

    Featured Vendor

    • ACTICO: Leveraging AI for Compliance Management
      ACTICO: Leveraging AI for Compliance Management
    Top 10 Compliance Solution Companies - 2020
    ON THE DECK

    Content Management System 2020

    Top Vendors

    Contactless Payments 2020

    Top Vendors

    Admired Tech 2020

    Top Vendors

    Corporate Finance 2020

    Top Vendors

    AI 2020

    Top Vendors

    Travel and Hospitality 2020

    Top Vendors

    Startup 2020

    Top Vendors

    Networking 2020

    Top Vendors

    FinTech 2020

    Top Vendors

    CRM 2020

    Top Vendors

    Scheduling Software 2020

    Top Vendors

    Education 2020

    Top Vendors

    Business Intelligence 2020

    Top Vendors

    PropTech 2020

    Top Vendors

    Salesforce 2020

    Top Vendors

    Big Data 2020

    Top Vendors

    Simulation 2020

    Top Vendors

    Product Management 2020

    Top Vendors

    Legal 2020

    Top Vendors

    Remote Work 2020

    Top Vendors

    Cryptocurrency 2020

    Top Vendors

    CEM 2020

    Top Vendors

    Insurance 2020

    Top Vendors

    Data Center 2020

    Top Vendors

    Banking 2020

    Top Vendors

    RegTech 2020

    Top Vendors

    Wireless 2020

    Top Vendors

    Procurement 2020

    Top Vendors

    Cognitive 2020

    Top Vendors

    Drone 2020

    Top Vendors

    HR Technology 2020

    Top Vendors

    HPC 2020

    Top Vendors

    Pharma and Life Science 2020

    Top Vendors

    SAP 2020

    Top Vendors

    Food and Beverages 2020

    Top Vendors

    Cloud 2020

    Top Vendors

    Blockchain 2020

    Top Vendors

    Cloud 2020

    Top Vendors

    Logistics 2020

    Top Vendors

    Augmented Reality 2020

    Top Vendors

    Contact Center 2020

    Top Vendors

    Oracle 2020

    Top Vendors

    Cyber Security 2020

    Top Vendors

    E-Commerce 2020

    Top Vendors

    Compliance 2020

    Top Vendors

    Enterprise Architecture 2020

    Top Vendors

    Digital Transformation 2020

    Top Vendors

    Manufacturing 2020

    Top Vendors

    Agile 2020

    Top Vendors

    CISCO 2020

    Top Vendors

    Field Service 2020

    Top Vendors

    Contact Center 2020

    Top Vendors

    IoT 2020

    Top Vendors

    Microsoft 2020

    Top Vendors

    Retail 2020

    Top Vendors

    Aviation 2020

    Top Vendors

    Healthcare 2020

    Top Vendors

    IT Service Management 2020

    Top Vendors

    Top Vendors

    Big Data 2019

    Top Vendors

    Digital Signage 2019

    Top Vendors

    Sales Tech 2019

    Top Vendors

    Startup 2019

    Top Vendors

    Salesforce 2019

    Top Vendors

    AI 2019

    Top Vendors

    Google 2019

    Top Vendors

    Smart City 2019

    Top Vendors

    FinTech 2019

    Top Vendors

    Admired Tech 2019

    Top Vendors

    Big Data 2019

    Top Vendors

    IT Services 2019

    Top Vendors

    Business Intelligence 2019

    Top Vendors

    Education 2019

    Top Vendors

    Project Management 2019

    Top Vendors

    Enterprise Asset Management 2019

    Top Vendors

    CRM 2019

    Top Vendors

    Data Center 2019

    Top Vendors

    PropTech 2019

    Top Vendors

    Capital Market 2019

    Top Vendors

    Travel and Hospitality 2019

    Top Vendors

    Legal 2019

    Top Vendors

    IT Infrastructure 2019

    Top Vendors

    Plastic Tech 2019

    Top Vendors

    Facility Management 2019

    Top Vendors

    Fleet Management 2019

    Top Vendors

    CEM 2019

    Top Vendors

    Sensor Tech 2019

    Top Vendors

    RegTech 2019

    Top Vendors

    Marine Tech 2019

    Top Vendors

    Collaboration 2019

    Top Vendors

    Software Testing 2019

    Top Vendors

    Facility Management 2019

    Top Vendors

    Automotive 2019

    Top Vendors

    Food and Beverages 2019

    Top Vendors

    Insurance 2019

    Top Vendors

    HPC 2019

    Top Vendors

    Wireless 2019

    Top Vendors

    Simulation 2019

    Top Vendors

    Corporate Finance 2019

    Top Vendors

    Drone 2019

    Top Vendors

    AI Healthcare 2019

    Top Vendors

    SAP 2019

    Top Vendors

    Procurement 2019

    Top Vendors

    Cyber Security 2019

    Top Vendors

    IBM 2019

    Top Vendors

    Construction 2019

    Top Vendors

    Logistics 2019

    Top Vendors

    Managed Services 2019

    Top Vendors

    Manufacturing 2019

    Top Vendors

    Media and Entertainment 2019

    Top Vendors

    Cloud 2019

    Top Vendors

    Banking 2019

    Top Vendors

    Agile 2019

    Top Vendors

    IT Service Management 2019

    Top Vendors

    Retail 2019

    Top Vendors

    HR Technology 2019

    Top Vendors

    Oracle 2019

    Top Vendors

    Cognitive 2019

    Top Vendors

    Compliance 2019

    Top Vendors

    Contact Center 2019

    Top Vendors

    Healthcare 2019

    Top Vendors

    Gov and Public 2019

    Top Vendors

    Microsoft 2019

    Top Vendors

    Pharma and Life Science 2019

    Top Vendors

    DevOps 2019

    Top Vendors

    E-Commerce 2019

    Top Vendors

    Blockchain 2019

    Top Vendors

    IoT 2019

    Top Vendors

    Metals and Mining 2019

    Top Vendors

    Gamification 2019

    Top Vendors

    Field Service 2019

    Top Vendors

    Augmented Reality 2019

    Top Vendors

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Read Also

    Accelerating Petcare Innovation through CRM and Digital Vision

    Accelerating Petcare Innovation through CRM and Digital Vision

    Miao Song, Chief Information Officer, Mars Petcare
    How Cloud Systems are Impacting Business Environments

    How Cloud Systems are Impacting Business Environments

    Martin Stegner, CIO, NOVUM Hospitality
    Digital Tack

    Digital Tack

    Claus Nehmzow, Chief Innovation Officer, Eastern Pacific Shipping Pte
    Brokering the Cloud Services

    Brokering the Cloud Services

    Eric Boyette, Secretary & State CIO, Information Technology
    Defining a Cloud Strategy: A Higher Education Paradigm

    Defining a Cloud Strategy: A Higher Education Paradigm

    Russell M. Kaurloto, VP and CIO, Clemson University
    The 4Ps of Digital Transformation in Pharmaceutical Industry

    The 4Ps of Digital Transformation in Pharmaceutical Industry

    Debraj Dasgupta, Operating Officer, Head of Strategy and Go-To-Market Planning Division, Nippon Boehringer Ingelheim
    Technology’s Role in The Care and Quality of Life for The Aged

    Technology’s Role in The Care and Quality of Life for The Aged

    Jose A Perez, Chief Information Officer, Hammondcare
    How ECM is Revolutionizing Organizations

    How ECM is Revolutionizing Organizations

    Thomas Phelps IV, VP of Corporate Strategy & CIO, Laserfiche
    Loading...

    Copyright © 2021 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy  |  Sitemap |  Subscribe

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://compliance.apacciooutlook.com/ciospeaks/productivity-and-security-can-you-ever-have-both-nwid-765.html