|
 For enterprise-class IT, security has become a primary focus. Change is the only constant in today's complex business environment, and in the case of IT security, change has brought with it a host of new concerns that must be acknowledged and addressed.
While last-millennium security often meant relatively unsophisticated threats such as viruses, attack scripts, and hackers motivated largely by curiosity, today organizations face a more complex and demanding situation. Malware is far more subtle and difficult to detect and eradicate; hacker curiosity has been replaced by hacker malice; and in many cases, as studies have shown, the internal threat is greater than the external threat.
Privileged insiders—users with special access to data, applications or systems—have been proven to constitute a large and growing problem for enterprise IT. Many high-profile cases in which entrenched security failed to prevent abuse of this type involve damages in hundreds of millions of dollars.
| Furthermore, new incentives to improve IT security have also arrived in the form of federal regulations, such as HIPAA, Basel II, and Sarbanes-Oxley, which spell out in stringent terms how large organizations must secure and manage sensitive data across its full lifecycle, from creation to archive, and make it available for purposes of legal discovery. Such regulations often carry fiscal and operational penalties in the event of a failure to comply—a daunting threat. |
|
The IBM Security Roadshow will offer professionals the opportunity to become more familiar with security challenges of many types—and IBM's strategies and solutions, which have been specifically designed to help the organization overcome them in areas ranging from identity management to compliance to physical security.
|
For these reasons, many organizations may wish to familiarize themselves with new developments in enterprise IT security, which has evolved in close tandem with the evolving threats and challenges. Organizations may be interested in learning, for instance, how they can move from point solutions which target only specific types of threats to more holistic, end-to-end security strategies designed to secure core business data from threats both known and unknown, today and tomorrow.
Best practice frameworks such as ITIL (Information Technology Infrastructure Library) also help, guiding IT managers in the process of developing and deploying solutions. And, of course, those new technological solutions themselves involve many new features which, operating both alone and in combination, must be optimized to work together in the fulfillment of the overall security strategy.
The IBM Security Roadshow Can Help Bring You Up to Speed
How can organizations today master such a complex and rapidly changing field—and all the new developments associated with it?
One answer comes from the IBM Security Roadshow. This multi-city event, taking place initially in New York, San Francisco, and Houston and subsequently in other cities around the US, will offer professionals the opportunity to become more familiar with security challenges of many types—and IBM's strategies and solutions, which have been specifically designed to help the organization overcome them in areas ranging from identity management to compliance to physical security.
Furthermore, in addition to technical and business information, a second incentive to attend comes from the social side of the roadshow. Attendees will have the opportunity to meet and interact with both IBM professionals and industry peers, develop new business relationships, share discoveries and successful new strategies, and generally increase their awareness about what's happening in the field of IT security.
Talks Will Address Compliance, Information Security, Identity Management, and End-to-End Strategies
Each event takes only a day, and has a specific agenda designed to help bring professionals up to speed in a quick and effortless manner.
Following a breakfast and registration period, attendees will experience an opening video, followed by a talk on the Secured Enterprise. This talk will cover big-picture security issues and complexities faced by enterprises today as they strive to improve IT efficiency, pursue service management strategies, reduce operational overhead, and develop new business relationships through extending IT services.
All of these areas involve elements of business risk; such risk must be recognized, acknowledged, and anticipated through a holistic security strategy designed to secure business data, applications, and services, while also maximizing business value. In the pursuit of such an end-to-end strategy, IBM is the only single-source vendor capable of providing a comprehensive range of consulting services and technological solutions—all advised by best practices frameworks and proven by decades of experience and thousands of successful customer engagements.
Subsequently, a talk on Compliance as Driver for IT Security will be given. Here, the focus will fall on creating a security strategy which is driven by awareness of the various elements pertinent to compliance, ranging from federal regulations to internal security mandates and manifesting in areas from audit report generation to internal controls.
If the overall goal of IT service management is to best align the services IT provides with the services the host organization needs, what role should compliance play? Developing a security posture that incorporates compliance from the ground up, and takes into account many subtle variables such as business type and geographic location, is key to transforming IT into an engine of sustainable business value.
The next talk will cover Information Security. Protecting data—as the essential lifeblood of business operations and the chronicle of business success or failure—is central to any successful IT security strategy. Yet such protection can be difficult to achieve given the fact that core business data commonly involves a complex lifecycle with many stages. Each stage must be considered carefully.
Identity and Access Management comprises the fourth major topic of the roadshow. Clearly, getting best business value from IT means restricting access to services, applications, and data to the right people and associating them with the right privileges.
However, identity and access management of this type is far from easy to achieve, involving many dimensions such as employee turnover, compliance auditing, multiple sign on processes for Web applications, and multiple pools of identity information which must be linked and unified to extend IT services beyond company walls. IBM’s answers to these many questions will be covered.
End-to-end Security is the focus of the fifth talk. Toward achieving proactive architectures, many organizations are moving toward innovative technologies and business processes designed to shield data far more comprehensively than point solutions such as firewalls and antivirus software. Best results will come from a collaborative effort between IT development and IT operations—and IBM security solutions admirably complement both groups.
Finally, the last session, a special roundtable event, addresses PCI compliance. Here, the subject is how today's enterprises can leverage automation as a general strategy, and leading IBM PCI compliance solutions specifically, in order to meet regulatory demands and fulfill customer needs more easily and effectively—ultimately competing better in the marketplace and enhancing the business bottom line.
|
