VENDOR TALKS
HOW SHOULD CISOs MANAGE DATA COMPLIANCE AND INTEGRITY With focus on data ownership and governance, what do vendors recommend to CISOs, to be able to track origin and movement of data across the organisation.
EPHREM TESFAI,
DR ALEKSANDAR VALJAREVIC,
SALES ENGINEERING MANAGER MIDDLE EAST, TURKEY AND AFRICA, GENETEC.
HEAD OF SOLUTIONS ARCHITECTURE, HELP AG MIDDLE EAST.
Integration is a common goal for security and IT teams within organisations looking for efficiencies by linking video with access control and ALPR. While integration can increase situational awareness, it does not lead to significant productivity gains. With integration, organisations are still deploying distinct security solutions from multiple vendors, purchasing multiple servers, attending multiple vendor-specific training, and maintaining several systems. However, a better approach exists – unification. True unification allows you to deploy a single platform that embeds multiple security systems, minimises IT infrastructure expenditures, and reduces your total cost of ownership. A unified security platform enables deep integrations with video surveillance and other key security systems such as access control, video analytics, intrusion, and license plate recognition, providing more consolidated information for faster decision-making. This technology encourages a greater collaboration between stakeholders, ensuring that if something does happen, critical information is available. When crowds draw in by the thousands, unification will make the difference in keeping them safe. It is important to have a reporting platform that can help data controllers monitor state of their systems or to conduct research around who had access to and downloaded information from their systems. ë
CISOs POSE THIS QUESTION FOR INDUSTRY VENDORS TO ANSWER. HERE IS WHAT THE VENDORS HAVE TO SAY 28
A P R I L 2019
As cloud and data analytics take centre stage in IT discussions, networks are expanding, and traditional perimeters are being erased. In the world of tomorrow, we will be become ever more dependent on data and together with our identities, this will become the only thing that we could and would be able to control and protect. Regulations such as the European Union’s GDPR are clear indication that today, consumers are becoming more conscious of their data and how it is used and secured. For these reasons, data protection and the various elements it entails such as data compliance, data governance, access control and authentication, data encryption, data ownership, and data residency are becoming increasingly important to businesses. To be able to protect your organisation’s data it is most critical to have complete visibility over it. This means having the ability to understand how it is being accessed and transmitted at every point in the network. From a technical perspective, achieving this means first identifying, and evaluating all touch points. These could include end point devices, email, web proxies to applications, and the cloud. With this clear understanding of what assets need to be secured, it is critical to not only implement the necessary security solutions, but to ensure they are seamlessly integrated to ensure end-to-end visibility and security. The next step is to ensure that technical controls for data classification, data leak prevention, and data encryption for data that is at rest, in transit or that is being processed, are in place. Finally, we must acknowledge that humans still present the weakest link in the cybersecurity chain. According to the 2018 Cost of Data Breach study conducted by the Ponemon Institute, 25% of data breaches are triggered by human error, including one’s failure to properly delete data from devices. Recognising this, it is imperative to address the human aspects of data protection as ultimately, technology will not add value unless it is supported by security policies and processes that are well created, and well enforced. ë