Users
Article Options
Shelley_Boose

2012 Security Resolutions

by nCircle Staff on 01-09-2012 12:22 PM

1) Step Up Your Risk Management Game

 

Go beyond the 'find and fix' mentality and begin to measure and manage by counting what matters. Work with other groups towards mutual goals and to share results both good and bad.

Finally, use metrics as a weapon of mass budget allocation and a tool to move budget dollars to where they're needed most.

 

- Tim Erlin, Director of Product Management

 


2) Understand IPv6 and All its Security Implications

 

We've all been avoiding the implications of IPv6 because haven't really needed it, but now we do. Set aside some time to really understand IPv6 because the impact on security is enormous and it's not something that can be integrated in a rush.

 

Become knowledgeable enough be to explain IPv6 security issues to upper management so you are prepared to fight for the necessary budget allocation before IPv6 issues become an emergency.

 

- Andrew Storms, Director of Security Operations

 

3) Start Thinking Like a Cyber Criminal

 

Imagine you were part of an organized crime unit, and your criminal organization has targeted your company for a cyber attack. What information would you try to steal? What information could be used to make money?

 

This mental exercise can help you defend your network and your data. Use the same thought process to evaluate cyber attacks originating from nation states and 'hactivists' because each of these groups may target different kinds of information for different reasons.

Understand each group and the data that could be valuable to them so you can make it more difficult for them to carry out any of their strategies on your network

 

- Tim 'TK' Keanini, CTO

 

4) Move Toward Continuous Monitoring of Security and Compliance Controls


Security is a business process that should be maturing in all organizations and 2012 is the time to move closer to a continuous view of your security and compliance controls. Maximize your use of automation and technology in 2012 to provide reports and alerts for material deviations from internal policies, provide baseline measurements and goals, and reduce hands-on intervention in routine security processes.


Security talent is a scare resource. Take advantage of the talent you have by having them focus on real risks. Automation can also provide excellent data that compares the performance of your security initiatives to your peers.

 

- Elizabeth Ireland, VP Marketing

0 Kudos
About the Author
  • Ed has been leading technology sales and marketing teams for over 20 years. Ed and his team are building a channel of IT solution and security partners for nCircle PureCloud and Benchmark that focus on the SMB markets. We are looking for partners that are interested in expanding their offerings to include nCircle’s innovative and market leading cloud-based solutions.
  • John leads nCircle's vulnerability management product efforts and brings over 12 years of product management experience in delivering superior value to customers John is a signal officer in the US Army Reserves and for the past seven years has led Army Vulnerability Management Teams (VAT) as part of the Western Information Operation Center (WIOC). The WIOC is one of the few cyber defense units in the Army Reserves and reports to the Army Reserve Information Operations Command (ARIOC) – and ultimately to Army Cyber Command (ARCYBER).
  • 15+ year veteran in the Information Security industry
  • Voracious consumer of news, books and social media. Security market observer. Fitness nut.
  • software engineer at nCircle working on Benchmark.
Announcements

Join Connect for access to exclusive Network Security content

New Members:
Click here to get started

Can't find what you're looking for?
Please let us know by clicking on the orange Feedback link on the far left side of the page.

Blogroll