Q&A

Three Big Trends in Information Security: Past, Present and Future

A 20+ year industry veteran, Joanne Moretti of CA Inc., gives us her take on the biggest drivers in IT security and looks not only to the past, but predicts what CSOs and CIOs are heading for in the future

By Joan Goodchild, Senior Editor

Page 2

What has emerged as a hot area now? What are CSOs and CIOs investing in these days?
E-business is driving an enormous amount of activity on the security front for us. In the last two years, there has been a real uptake there. As an example, Sony Pictures is managing all of their content ⬠which is obviously their gold -- with our web access control. They will identify which people can get at which content. And it makes their life simpler to help their customers self-provision themselves and self-serve if they need to do a password reset and get into the site much easier.

Another company we've helped with e-business is Bell Canada. They had eight disparate legacy systems for customers to access information about their satellite TV, or their land line phone service, or if you wanted to purchase a mobile phone. So there were multiple systems customers could get at. Bell Canada wanted to provide customers with one password, one user ID, to get onto their business systems. We helped them implement a web access control system that allowed them to do that. They dropped calls to the help desk by 2 million calls a year. Each of those calls cost about $15. So you can do the math to see what a cost savings that was by offering a simple, secure approach to access their web.

And where are we headed? What are you hearing murmurs about from your clients?
Now what I'm seeing is activity around is governance, risk and compliance as well as managing and monitoring controls. It's just like managing and monitoring disparate systems. You've got all these disparate silos of people that are trying to do auditing. And companies are looking for the single thread and where they can remove redundancy from both the system and the business. They are looking for one holistic approach to managing compliance and regulations.

Were getting into this space slowly because GRC isn't really defined fully yet. So instead of just splashing product in the market we are working with our partners. We have 12 early adopters and we are working the kinks out with them. We think this market is still evolving. But we don't want to jump in too fast.

The other emerging market is around managing of records and managing information from a litigation standpoint. I would call it litigation risk. That is, records management, information governance, records retention and retrieval. Customers are wondering: How long do I need to keep something for? We are trying to help our customers with some best practices around that.

Joanne Moretti

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Security Directions: A Virtual Conference

Security Directions Available On Demand Sept. 30 - Dec. 30

Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.

» Register Now

WEBCAST
Protecting PII: How to Work with IT to Manage Risk

Compuware Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.

» View this Webcast

Featured Sponsors