New Information Security Risks vs. New Business Requirements: How to Prepare for the Rough and protect against Industrial Espionage
Information Security professionals are facing a dilemma these days: On one hand, the threat landscape is changing to the worse and risks increase. On the other hand, business wants and needs to communicate and collaborate well beyond the traditional perimeter of IT (the enterprise itself), flexibly yet secure. The new challenges include nation-state Industrial Espionage at an entirely new level, organized crime acting as professional attackers on IT systems, new and insecure devices in widespread use, increasingly tight compliance regulations, and many other new types of risks. On the other hand, there is the Computing Troika: Cloud Computing, Mobile Computing, and Social Computing. Business wants to use new deployment models because they promise better value for the money. It needs to support mobile workforces and new types of devices. And it wants to deal with the millions of customers out there and new business partners, in a changing competitive landscape. This is about agility, about competitiveness, about flexibility in a global economic landscape. So Information Security is under pressure to support these new requirements while mitigating Information Security risks. It is about moving out of the role of the notorious naysayer, even when this appears to be virtually impossible. In his opening keynote, Martin Kuppinger will look at this scenario and deliver some thesis on how to succeed in solving this dilemma.