Journal: Information Security Seven Guiding Principles

Full Story Online

RSA Executives Offer Seven Guiding Principles To Maximize Megatrends Redefining the Information Security Industry

LONDON, Oct. 20 /PRNewswire/ — RSA® CONFERENCE EUROPE 2009 — Building a systemic security strategy to help organizations better face challenges and exploit opportunities spurred by next generation technology trends was the theme of the opening keynote at the 2009 RSA Conference Europe. In a joint keynote address, Art Coviello and Christopher Young, President and Senior Vice President, respectively, with RSA, The Security Division of EMC (NYSE: EMC), highlighted the need for organizations to develop a systemic security strategy that treats escalating technology trends not as a burden to be lifted, but as an unprecedented opportunity to improve security and build a more secure information infrastructure.

The seven principles:

1. Security must be embedded into the IT Infrastructure

2. Develop ecosystems of solutions

3. Create seamless, transparent security

4. Ensure security controls are correlated and content aware

5. Security must be both outside-in and inside-out focused

6. Security has to be dynamic and risk-based

7. Effective security needs to be self-learning

Phi Beta Iota: Bill Caeli, Winn Schwartau, Jim Anderson, and Robert Steele, among many others, were saying this in the early 1990s. The US Government is not structured to steer and appears totally unable to establish “situational awareness” in a holistic, sustained, near-real-time manner. That is both a leadership failure, and an intelligence failure. A true intelligence leader can make up for political leadership shortcomings–the obverse is not true.

1994 Sounding the Alarm on Cyber-Security