Personal tools

Digital Trust and Cybersecurity Platforms

University of Pennsylvania_060221A
[University of Pennsylvania]

 

- The Role of the CISO (Chief Information Security Officer)

Since the late 1990s, enterprise security infrastructure grew organically as CISOs (Chief Information Security Officers) added independent security controls as countermeasures to new or growing threats. This tactical strategy was adequate in the past, but it is a mismatch for today’s dangerous threat landscape and growing attack surface. 

In fact, a point tools-based security infrastructure often leads to high costs, complex security operations, unacceptable levels of cyber risk, and data breaches. Many organizations have had enough. As an alternative to point tools, CISOs are embracing tightly coupled security technology platforms offering advanced threat protection, central management, and coverage across endpoints, networks, and clouds.

The CISO is a senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats.

 

- Cybersecurity Platforms

A cybersecurity platform is a centralized solution for managing and protecting an organization's data, users, and network. A cybersecurity platform enforces defensive controls, manages network activity, and performs configuration updates and management. The cybersecurity platform is designed to provide enterprises with a way to integrate security visibility, analytics and control across a range of security layers and data sources while enhancing protection, scalability and performance.

Enterprise networks are rapidly becoming more complex. Most organizations are expanding their network infrastructure as they move to the cloud and support remote workers. At the same time, they are also undergoing digital transformation, deploying new types of systems, such as Internet of Things (IoT) devices, on enterprise networks. Application development as well as DevOps practices are changing, and the adoption of cloud-native applications has created an ever-changing enterprise digital attack surface.

The end result of these changes is that corporate cybersecurity programs are harder to manage. Manually enforcing corporate security policies on various devices and meeting the unique security needs of those systems is not a scalable solution.

 

- Digital Trust

Digital trust is the confidence users have in the ability of people, technology and processes to create a secure digital world. Digital trust is given to companies who have shown their users they can provide safety, privacy, security, reliability, and data ethics with their online programs or devices. When a person decides to use a company's product, they are confirming their digital trust in the business. 

Digital Trust is a necessity in a global economy reliant on ever-increasing connectivity, data use, and new innovative technologies. In order to be trustworthy, technology must be secure (ensuring connected systems’ confidentiality, integrity, and availability) as well as responsibly used. The lack of assurances regarding these two aspects have led to a digital trust deficit. 

Digital trust initiative encourages stakeholders to prioritize the cybersecurity (including cyber resilience and security-by-design) and responsibility aspects of technology use (including, e.g., privacy protection, ethical and values-driven innovation, transparency in development, accountability, etc.) in order to rebuild digital trust. Because of a lack of security, alongside ethical lapses, lack of transparency, and other issues distrust of digital technologies is increasing. Diagnostics of the level of popular mistrust already exist. Normative efforts to define some of the parameters of state-to-corporate digital trust are in their infancy.

Digital trust divides dependable services from corrupt ones, helping the user decide on a secure company rather than an unreliable one. It creates a bond between a user and a company that assures the user they will be receiving what they are asking for in a safe, secure and reliable manner. The more digital trust a company receives, the more likely it will be to gain more users.

 
 
 

[More to come ...]

 

 

Document Actions