CISOs Bring ‘Practical Paranoia’ To Enterprise Mobility
When the enterprise goes mobile, so do hackers. With a single mobile device comes the capability for endless threat vectors. And what better way for mobile professionals to understand than to hear from the security experts themselves?
On Day One of the Enterprise Mobility Transformation Exchange, CISO Rebecca Wynn of Matrix Medical and CISO Bob Turner of the University of Wisconsin-Madison gave back-to-back presentations outlining the needs of maintaining security in an IoT world, and seeing through the lens of a security professional to best determine an internal threat.
Dubbed “practical paranoia,” Wynn gave statistics on the scope of IoT, and how conservative estimates show at least 20.4 billion connected devices to be in use by the year 2020. Securing the individual devices is clearly a need, but ensuring the entire ecosystem perimeter is protected is paramount, Wynn said.
The security conversation, naturally, bled into Day Two of the Exchange, as San Francisco District Attorney’s Office CIO Herman Brown discussed the use of Artificial Intelligence in security during a think tank that drew a deeper conversation.
“It’s about policies first,” Brown said to the group. The CIO has authored more than a dozen security-specific policies since entering the position, but what’s put on paper doesn’t always translate to human use.
Brown shared the story about how a recently deployed network security system, which uses artificial intelligence to create data and alerts for the administrator, helped track an incident in which sensitive information was sent via email from a member of the office to that person’s personal email account.
The AI-based security solution alerted Brown and his team to the incident, which then led to an internal investigation.
“AI can detect an anomaly,” Brown said, “and even quarantine a situation to minimize the impact. But as of now, there’s still human interaction needed to take next steps.”
In Turner’s case, security has a slightly different face, as students enrolled at the University of Wisconsin-Madison are bringing 5-8 connected devices with them to campus, all of which represent new threat vectors to the school’s digital infrastructure. Additionally, U. of Wisconsin is a research facility with proprietary information.
Turner explained to the audience that security has a variety of needs in his role, which include compliance issues, Wi-Fi lockdowns and flexible device usage.
Security was just one of many topics touched on in Day One of the Enterprise Mobility Transformation Exchange, including IoT and how it’s progressing agriculture, and the purpose of a mobile center of excellence. Learn more about the exchange here.