BEDFORD, MA - December 10, 2013 -
RSA, The Security Division of EMC (NYSE:EMC), today released the latest Security for Business Innovation Council (SBIC) report, providing guidance for how organizations can enable new competitive advantages in their business by transforming outdated and inflexible processes that govern the use and protection of information assets. The report highlights key challenges, upgraded techniques and actionable recommendations that can be used to plan and build new processes to help organizations gain business advantage and more effectively manage cyber risks.
In this latest report titled Transforming Information Security: Future-Proofing Processes, the Council observes that business groups within organizations are taking greater ownership of information risk management; however outdated security processes are hindering business innovation and make it difficult to combat new cybersecurity risks. The Council offers guidance calling for information security teams to collaborate more closely with functional business groups to establish new systems and processes to help identify, evaluate, and track cyber risks faster and with greater accuracy.
The new report spotlights areas ripe for security process improvement including risk measurement, business engagement, control assessments, third-party risk assessments, and threat detection. The Council also offers five recommendations for how to move information security programs forward to help business groups exploit risk for competitive advantage:
“For the enterprise to successfully innovate in today’s digital world, security teams must re-evaluate cyber risk management efforts, steering away from reactive, perimeter-based approaches that are inflexible and focus instead on proactive collaboration with the business. Updated processes as described by the Council can help organizations achieve a greater visibility of risk that can be harnessed to benefit the business.”
Dave Martin, Vice President and Chief Information Security Officer, EMC Corporation
“Documenting business processes has to be a collaborative effort, to accurately reflect what the risks are to the system. We’ll never understand the business value of the information to the same degree as the business owner, and they’ll never understand the threats to the same degree as the security team.”
The Security for Business Innovation Council is a group of top security leaders from Global 1000 enterprises committed to advancing information security worldwide by sharing their diverse professional experiences and insights. The Council produces periodic reports exploring information security’s central role in enabling business innovation. This report is the second in a three-part series on building a next-generation information security program. The first report was titled Transforming Information Security: How to Build a State-of-the Art Extended Team.
Contributors to this report include 19 security leaders from some of the largest global enterprises:
|ABN Amro||FedEx Corp.||Nokia|
|ADP, Inc.||Fidelity Investments||SAP AG|
|Airtel||HDFC Bank Ltd.||TELUS|
|AstraZeneca||HSBC Holdings plc.||T-Mobile USA|
|eBay||Johnson & Johnson|
|EMC Corp.||JPMorgan Chase|
RSA, The Security Division of EMC, is the premier provider of security, risk, and compliance- management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.
Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention, and Fraud Protection with industry-leading GRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.EMC.com/RSA.
EMC Corporation is a global leader in enabling businesses and service providers to transform their operations and deliver IT as a service. Fundamental to this transformation is cloud computing. Through innovative products and services, EMC accelerates the journey to cloud computing, helping IT departments to store, manage, protect and analyze their most valuable asset – information – in a more agile, trusted and cost-efficient way. Additional information about EMC can be found at www.emc.com.