Risk management, policy, compliance and the rest of the 'boring' parts of where security collides with business, are all incapable of generating their own atomic metrics of results. Speaking to security analyst Conrad Constantine, he said that these areas are “just conjecture”, as formalised security monitoring and response can generate detailed metrics for all these processes. He said: “Do you have a security policy? Are you monitoring for violations of that policy in...
Read moreIn the delivery of IT services to large customer (B2C) communities the challenges for identifying users, securing their access and managing the ongoing digital relationship that a customer has with the business are continually evolving. Market drivers today mean that Identity and Access Management (IAM) solutions need to fulfill more than their traditional role of establishing security controls and meeting compliance obligations alone. New IAM solutions must satisfy a broad range of delivery criteria and...
Read moreNow more than ever, it’s important to be compliant with industry and government regulations. For the last several years, governments and industry groups on both sides of the Atlantic have been increasing the level of regulation for organisations, forcing them to prove that they have the proper controls in place. What happens if an organization doesn’t comply with security rules? They could be subject to expensive fines: breaching the Payment Card Industry (PCI) security standards...
Read more