We need to carry out a deep introspection into the current state of the IT and InfoSec rollout and the associated policies. The sequence of doing so is of the utmost importance. We may have to re-engineer the following:
1. Network Security
2. Application Security
3. Operational Security
4. Information Security
5. BCP & DR
6. End-User Education
Computing has seen a significant transformation. End-users now utilize and consume IT services in a much different way than before. The stress on IT managers has increased as they are compelled to take on the much-debated issue of securing and rolling out BYOD policies. The forced reduction of headcount and reduced wages have had an adverse impact on employees’ integrity. Remote users have many peeping toms at home looking at their computer screens. The home Wi-Fi used by employees is not secure.
This leads us to analyze the top 10 areas of concern. In parallel, the undeclared war between the “Cyber Bullies” and the “IT Security Soldiers” is hotter than ever before. We will discuss the strategies that the IT Security Soldiers are adopting and the success thereof.
The current perceived threats have, to a large extent, created opportunities for vendors providing NAC, Zero Trust, RPA, and ATP, and infusing ML and AI into firewalls and perimeter security devices. OS and RDBMS patch updates have taken center stage and are a priority task for IT managers.
We need to draft an SOP for keeping the IT infrastructure secured. We need to create “8 Commandments” to have a well-secured IT infrastructure.
There is a human angle to IT Security as well. Only having robust IT InfoSec Policies. The Human Resource department needs to play an important role.
The goals that an IT InfoSec leadership needs to achieve have to be clear, well defined, and meticulously followed.
This presentation will be a snapshot of an end-to-end journey.