Apac
  • Home
  • CXO Insights
  • CIO Speaks
  • Partner Conferences
  • Newsletter
  • Subscribe
  • News
  • About us
Apac

  • Agile

    Artificial Intelligence

    Augmented Reality

    Big Data

    Blockchain

    Cloud

    Cyber Security

    DevOps

    Digital Technology

    Enterprise Security

    HPC

    Internet of Things

    IT Services

    Mobility

    Networking

    Open Source

    POS

    QA and Testing

    Robotics

    SaaS Solutions

    Security

    Simulation

    Smart City

    Startup

    Storage

    Unified Communication

    Virtualization

    Web Development

  • Automotive

    Aviation and Aerospace

    Banking

    Compliance

    Construction

    Contact Center

    E-Commerce

    Education

    Energy

    Engineering

    Field Service

    FinTech

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Pharma and Life Science

    Retail

    Sports

    Telecom

    Travel and Hospitality

    Utilities

  • Amazon

    CISCO

    Google

    HP

    IBM

    Intel

    Microsoft

    Oracle

    Red Hat

    Salesforce

    SAP

    VMware

  • Business Intelligence

    Business Process Management

    CEM

    Collaboration

    Corporate Finance

    CRM

    Data Center

    Disaster Recovery

    Document Management Systems

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Performance Management

    ERP

    Fleet Management

    Gamification

    Geographical Information System

    HR Technology

    IT Service Management

    Managed Services

    Payments

    PLM

    Procurement

    Project Management

    Risk Management

    Sales and Marketing

    Workflow

Menu
    • AI
    • Amazon
    • Augmented Reality
    • CISCO
    • DevOps
    • Education
    • Sports
    • EPM
    • ERP
    • Gamification
    • HPC
    • IT Services
    • Metals and Mining
    • Project Management
    • Robotics
    • Salesforce
    • Simulation
    • Smart City
    • Enterprise Asset Management
    • Travel and Hospitality
    • Unified Communication
    More
    ERP Gamification HPC IT Services Metals and Mining Project Management Robotics Salesforce Simulation Smart City Enterprise Asset Management Travel and Hospitality Unified Communication
    ×

    Subscribe to our Newsletter

    news
    news

    Join our mailing list for the latest articles, news, and exclusive insights from prominent technology leaders

    loading
    SUBSCRIBE

    Thank You for subscribing with us. We sent you an email regarding this.

    news

    • Home
    • Compliance
    Editor's Pick (1 - 4 of 8)
    left
    CIOs Need To Know Their Business, Not Just Tech

    John Sadowski, EVP & CIO, Sandy Spring Bank

    Your Next Law Firm Website Project

    Vic Peterson, CIO, Stinson Leonard Street LLP

    Essentials for a Compliant Environment

    Seevali Fernando, Group CIO, Hoya Corporation

    The Digital Agency

    Ralph Chivers, CIO, Ministry of Business Innovation and Employment, New Zealand

    E-commerce and the Data behind it

    Klemen Drole, CIO, Lazada Group

    Need and Importance of IT in the Shipping Industry

    Anjan Deb, GM-IT (CIO), The Great Eastern Shipping

    At the Crossroads of Sports and Technology

    Jerry Mcglynn, CIO, Specialized Bicycle Components

    Proliferative Innovation via Platform+Agile

    Dr. Steve Hodgkinson, CIO,Department of Health & Human Services in Melbourne, Australia

    right

    Drive Faster Response, Stronger Security and Better Compliance in 2016

    By Gavin Selkirk, President Asia, Pacific & Japan, BMC Software

    Tweet
    content-image

    Gavin Selkirk, President Asia, Pacific & Japan, BMC Software

    With reports of large-scale hacking attacks in the past year a common news headline, 2015 did not score well when it came to cybersecurity awareness. In 2016, it is morecrucial than ever for executivesto take control of cybersecurity to protect their businesses and customers while delivering innovation.

    Together with Forbes Insights, BMCreached out to executives in North America and Europe to get their perspectives on critical issuessurrounding cybersecurity threats. These threats are not geographically specific, and are also prevalent in Asia Pacific. A few notable examples from 2015 include several attacks by Anonymous, a hacktivist group, on Thai government sites, as well as a privacy breach at Kmart Australia, which exposed customers’personal information.

    With cybersecurity threats on the rise, businesses should begin to build a game plan to eradicate the problems from the root. Here are three key findings from the Forbes Insights report that could serve as guidelines for this game plan.

    1. Security breaches occur even when vulnerabilities and their remediation havealready been identified

    On the surface, vulnerabilities may seem trivial oreasy to fix. Ideally,a business would scan for vulnerabilities, prioritize them, and then set off to fixthose with a known patch before working to address the rest.However, in order for this chain of steps to happen, there has to be a significant level of engagement and collaboration between the security and operations teams. As a result of misaligned or conflicting priorities, inability to come to a consensus between both teams may result in delayed remediation.

    2. Security and operations teams have little understanding of each other’s requirements

    The security team is responsible forkeeping the business secure, while the IT operations team works to keep the business up and running.  After running a scan for vulnerabilities, the security team then hands off to operations to fix the problems. If the operations team are not clear which vulnerabilities have patches, the severity of the different vulnerabilities, or the impact of the patch on the production environments, they will either fail to prioritize or ignore it all together. This gap between security and operations is known as the “SecOps” gap.

    3. Poor coordination puts a strain on labor costs for security and operations departments

    In this context,the misalignments go deeper than just teams not meeting regularly.  When the security team runs scans and produces reports,they may not be delivering information that the operations team considers actionable. The operations team then has to go through and figure out which vulnerabilities have a known patch, and also make an assessment of how severe the risk. This places a huge drain on already tight resources.

    Set Your Game Plan in 2016

    With security breaches not looking to decline in the short-term, it is crucial for businesses to set a game plan to address the SecOps Gap. There are three critical elements to the plan - People, Process, and Technology.

    People - A strong people strategy is the heart of an effective change management initiative. Start with setting a consistent vision for the security and operations teams. The teams need to realize that they are interdependent and have shared goals with regards to the overall security of the business. These goals need to be balanced together with the needs of the business to be agile and reliable.

    Process - The processes need to be reviewed in light of the shared goals and objectives. Repetitive, manual workflows should be evaluated to find out the possibilities of automation. Hand-overs within the businesses need to be tighter and provide opportunities for feedback and learning.

    Technology - Technology should be deployed to facilitate the coordination and collaboration of businesses. It is vital to be precise, and ensure that the technology you choose is built to solve the root problem and not just portions of it. It must also be able to handle the demands and complexity of your business. Automation tools to institute corrective actions and a centralized view into vulnerabilities and remediation actions are key.

    The bottom line is that the flood waters of security breaches will continue to rise until something significant is done. 2016 needs to be the year for action.

    Read Also

    How GDPR can open opportunities for APAC businesses

    How GDPR can open opportunities for APAC businesses
    Keeping Pace with Technology

    Keeping Pace with Technology
    Adventures In Sourcing Compliance And Risk Systems

    Adventures In Sourcing Compliance And Risk Systems
    Customer Data: The New Compliance Frontier

    Customer Data: The New Compliance Frontier
    Top 25 Compliance Solution Providers - 2018

    Top 25 Compliance Solution Providers - 2018

     Top 25 Compliance Solution Providers - 2017

    Top 25 Compliance Solution Providers - 2017

     25 Most Promising Compliance Solution Providers

    25 Most Promising Compliance Solution Providers

    Featured Vendors

    MasterSAM

    Sanjeev Dhar, MD

    entity solutions

    Matthew Franceschini, CEO & Co-founder

    Compliance Special

    Copyright © 2018 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy  |  Sitemap

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://compliance.apacciooutlook.com/cxoinsights/drive-faster-response-stronger-security-and-better-compliance-in-2016-nwid-1157.html