Digital Edition

SYS-CON.TV
Understanding the Risks and Value of Mobility to Your Stakeholders
It’s important to understand what your stakeholders are looking for out of mobility

The key to securing your mobility is to understand how it is being used in your environment and what is potentially at risk. Taking stock of the mobile devices, applications and traffic in your network is critical to identifying how your data and resources are potentially vulnerable.

Since mobile devices are being used to do more and more -the devices being carried around today are 3000 times more powerful than the compute power on the original space shuttle6 - the potential risks continue to increase. Once an attacker is "in" - tricking a user into downloading malware or a malicious app, infecting a Wi-Fi hot spot, exploiting a device vulnerability, in the operating system, hardware, configurations, etc. - they can do almost anything on the device and apps, including:

  • Intercept emails and text messages
  • Steal application data, including content within secure containers and wrappers
  • Capture browsing activity, including any usernames and passwords entered into sites
  • Extract contact lists, call and text logs
  • Activate the microphone (to listen in on private conversations and meetings)
  • Use the camera to take pictures or videos (white boards, manufacturing plant layouts, etc.)
  • Track location (where an executive is going could provide insights into potential customer deals or merger/acquisition plans, etc.) Stakeholders across your organization will likely view these risks differently and have different expectations around what is needed to effectively secure your data and resources. Since security is always a balancing act, requiring decisions on when and how to allow or shut down access, it's important to understand what your stakeholders are looking for out of mobility and what they are willing to accept in terms of security.

Stakeholders across your organization will likely view these risks differently and have different expectations around what is needed to effectively secure your data and resources. Since security is always a balancing act, requiring decisions on when and how to allow or shut down access, it's important to understand what your stakeholders are looking for out of mobility and what they are willing to accept in terms of security.

Role

What Mobility Represents to Them

Their Mobile Security Priorities

CISO

Business-level objective to improve agility and overall productivity.

Getting ahead of the evolving mobile threat landscape to prevent intellectual property loss, tough board-level discussions and lawsuits that:

  • Erode customer confidence
  • Tarnish brand reputation
  • Reduce competitive advantage

Audit & Risk Managers

An initiative that introduces risks that need to be quantified and managed.

Meeting compliance goals by adhering to security best practices and putting measures in place that reduce the attack surface.

Audit & Risk Managers

An initiative with a lot of moving parts out of their control. Need to support:

  • BYOD
  • New mobile application roll outs
  • Ongoing management and maintenance of mobile policies

Improving visibility to better manage mobile devices and applications and reduce risks to ensure alignment with overall security policies and practices.

Security Team

An initiative that opens up a lot of new threat vectors that need to be managed and mitigated to keep resources safe and prevent data leakage.

Effectively assessing mobile risks, integrating mobile intelligence into security information and event management (SIEM) and network access control (NAC) systems, and consistently applying policies, regardless of how or where a user accesses resources.

Employees

The convenience of being able to work whenever and wherever they are located.

Protecting their privacy and preserving a simple, good user experience.

About Michael Shaulov
Michael Shaulov is CEO and co-founder of Lacoon Mobile Security. He’s responsible for the direction of the company, with a maniacal focus on adding the security organizations need to effectively leverage mobility. He is a recognized industry speaker, delivering talks at BlackHat EU, BlackHat USA and Infosec.

Prior to founding Lacoon, Michael co-founded BlueRidge Storage Systems and founded and led the Mobile Intrusive Interception team for the security division of NICE Systems LTD. Before his commercial endeavors, he pioneered the mobile security field in an elite military technological unit, where he received the Israeli Presidential Excellency Honor for his contributions. He holds a BSc in Computer Sciences and Physics from Ben-Gurion University, Israel.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1



ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

Consumer-driven contracts are an essential part of a mature microservice testing portfolio enabling ...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitori...
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, ...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple ...
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use ...
DXWorldEXPO LLC announced today that "IoT Now" was named media sponsor of CloudEXPO | DXWorldEXPO 20...
SYS-CON Events announced today that Silicon India has been named “Media Sponsor” of SYS-CON's 21st I...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, disc...
In this presentation, you will learn first hand what works and what doesn't while architecting and d...
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22n...
In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, discussed how automation can provid...
Everyone wants the rainbow - reduced IT costs, scalability, continuity, flexibility, manageability, ...
Founded in 2000, Chetu Inc. is a global provider of customized software development solutions and IT...
The standardization of container runtimes and images has sparked the creation of an almost overwhelm...
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 1...
Most DevOps journeys involve several phases of maturity. Research shows that the inflection point wh...
Dynatrace is an application performance management software company with products for the informatio...
Today, we have more data to manage than ever. We also have better algorithms that help us access our...
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with e...
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held Novemb...