The present and future of IT security
Mobile working and virtualisation could boost security - this and other insights on the past, present and future of IT security from Gartner research vice president Jay Heiser.
London, the security capital of the world?
Heiser has had a long experience working in the IT and security sectors, with an MBA in international management as well as stints at the Pentagon and a series of consultancies. Now based in London, he felt that there was a very active infosec community, and that now it could rightly be crowned the security centre of Europe.
Nowadays working with Gartner, Heiser said that he was now working more with people and culture issues changing the way people do things rather than learning new technology. He claimed that in the past IT security had overemphasised the technology, but he was keen to make clear that it wasn't an either/or' situation.
"Defence in depth means that there needs to be human as well as technical mechanisms," he argued. "In the past when we've talked about defence in depth we've had narrow depth you have two locks in front of you door that's not defence in depth."
"We're now full appreciating what technology can do and truly better appreciating what people can do reaching the optimal combination."
Heiser said that the people who ran businesses needed to appreciate risks so they could make good decisions, and that it shouldn't be technology people. He claimed putting technology people in charge would usually lead to overspending, and also meant companies could miss some big risks.
Living and working in the UK, Heiser was very positive about this country when it came to attitudes about IT security, claiming that we led the world when it came to approaching it in a process orientated way, with the Americans belatedly following behind.
He said: "Generally speaking, the UK has not been a leader in technology in the [security] area, although there have been a few areas where they have been. However, in terms of process the UK has taken a global leadership and I think it's something the local community should be proud of."
In This Article
Application security fallacies and realities
Web application attacks are the most common vulnerability, so what is the truth about application security?Download now
Your first step researching Managed File Transfer
Advice and expertise on researching the right MFT solution for your businessDownload now
The KPIs you should be measuring
How MSPs can measure performance and evaluate their relationships with clientsDownload now
Life in the digital workspace
A guide to technology and the changing concept of workspaceDownload now