We’ve already established that perfect security is impossibly in cyberspace, especially with the move to the cloud, the consumerization of IT, and the rise of mobile. Still, even with current transformations, IT can still get more secure as it evolves. Recently, HP announced an enterprise security strategy to address these new challenges, which was described in an interview by IDG’s Bill Laberis at the HP Protect 2011 conference on Monday, September 12, 2011, with CTOvision’s Bob Gourley and Tom Reilly, Vice President and General Manger of Enterprise Security at HP.
HP’s strategy is called Security Intelligence and Risk Management. Risk Management is the understanding that 100% security is impossible, so decisions and tradeoffs must be made, while at the same time organizations have to be proactive about defense, determining what the greatest vulnerabilities and worst attacks would be on their enterprise to preempt them and perform remediation efficiently and swiftly when necessary. In order to manage risk, you need Security Intelligence, the knowledge of who and what is on your network, as well as whether, where, and how you’ve been breached. To do so, HP uses best-of-breed technologies such as Tipping Point for network security, Fortify and SPI Dynamics for application security, and ArcSight for universal log management and intelligence. HP brings those offerings together, integrating them so that the whole is better than the sum of its parts.
Bob Gourley, former CTO of the Defense Intelligence Agency, offered a CTO view of HP’s approach. CTOs, CISOs, and CIOs are eager to find a provider that can bring intelligence, risk management, application security and network security together to lower costs, speed up return on investment, and lower risk to the enterprise. Enterprise security almost always pairs these increases in security with increases in functionality, the other role of the CIO.
But what if a CIO likes what HP has to offer, but has already invested in alternative security infrastructure? Implementing HP’s Enterprise Security solutions doesn’t have to be a “rip and replace” upgrade. Rather, the goal is integration, tying together software like Tipping Point, Fortify, SPI Dynamics, and ArcSight with your security investments and making them all work better together. Bringing great, stand alone solutions together into a powerful Enterprise Security ecosystem is the real innovation that HP is now offering CIOs.
- Myths and Realities of Cloud Cybersecurity (ctovision.com)
- Survey says: Security risks never higher, or more costly (ctovision.com)
- Evolving Approaches to Cyber Threats (ctovision.com)
- Yesterday’s Security Doesn’t Work for Today’s Threats (ctovision.com)
- Big Data and the Enterprise CIO (ctolabs.com)