IT arena is like a security battle ground, where internet is fundamentally open considering the major far-ends like social media, mobility, cloud, virtualisation etc which leads to targeted attacks.

On any given day; any organisation can suffer irreparable harm at the hands of cyber- attackers. No organisation is too small or too big for this.

Unfortunately this battle field is not symmetric. The attackers have the clear advantage. Defenders have to protect a wide perimeter while the attackers only need to find one hole to inflict massive amount of damage.

To make this situation even more complicate attackers are well organised now and collaborate with one another. Attackers operate globally in a relatively low risk environment with little chance of getting caughtMO.

(Read more: Top 5 things a CISO should evaluate to benchmark an IAM solution)


Recent trends impacting IT arena:

Cloud computing

  • Adds interesting challenges to organisations
  • How is data protected on the move or at rest
  • Contracts with cloud provider for security

Consumerisation of IT

  • Personnel and professional tools integration to bring productivity
  • Control hardware diversity and application support
  • What happens in case of security  breach


  • This is really exploding
  • Consider; is traditional security solution perform as expected
  • Virtual Machines introduce new security and compliance risk


Mobile device usage is growing rapidly. This trend increases target on these devices. Social engineering is the art of tricking someone. This is much easier than targeted attacks. These are much more effective results in good success. Evaluation of technology trends needs to have security in the process

(Watch more : Checklist: How to choose between different types of Application Security Testing Technologies?)

Recognise and capture risk

Some movies show cyber attacks. These movies show awareness of cyber attacks and hackers but have shown very little to the general public about how security works.

In this era of too many different threats with so many products to secure measuring the impacts of security is more important.

In my experience creating fear will surely fail to funding regularly best way is to communicate impact of the threat ensure security measures are proactive.


More:  Want to become a speaker and address the security community?  Click here    


E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

RSAC Meetup Banner

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)