CISO Uncovers a Few Surprises and Shares Unisys Best Practices with European Clients

Security4 minutes readOct 25th, 2011

[Sowmya Murthy] Patti, where were you recently talking to clients, and what topic(s) were you discussing?

[Patricia Titus] I recently traveled to Belgium and Holland for meetings with clients and prospective clients.  The activities centered around the Consumerization of IT and the disruptive trends and the impacts on their business operations and enterprise security.  As I usually find when talking to a diverse group with diverse missions, some were far more advanced with their strategy and implementation than others.

[Sowmya Murthy] What were some topics of interest?

[Patricia Titus] What I always find interesting is the level to which security professionals will address a situation.  Some address it from the policy view, and others are quick to take the technology fast track.  What we were able to do is guide the conversation to show the point of convergence between the need for policy and the need for technology to solve the problems.  And don’t forget the human factor, which I was constantly reminded of.  It was a great exchange of ideas and very thought provoking dialogue.

[Sowmya Murthy] Anything strike you as surprising?

[Patricia Titus] What was of particular interest is that a few of the participants in our events were adopting the National Institute of Standards and Technology security frameworks and guidance documents, which we’ve been using in Unisys now for several years both for our public sector clients but also inside our corporate network.  It’s a great enhancement to the ISO 27001 standards we already use.  It was refreshing to see that NIST security guidelines were being used outside the United States.

[Sowmya Murthy] Any current events that made for good fodder for conversation?

[Patricia Titus] My visit to Europe was just after a large and disastrous DigiNotar hack.  This provided a great discussion point about “having your eggs in one basket.”  The effects of that hack forced a major disruption to online transactions affecting  several governmental entities and companies , causing untold economic impacts.  The open and candid discussion we had  helped me see the big picture of those incidents even better and  to see what happens to organizations that don’t embrace the defense-in-depth strategy in their operation.?

[Sowmya Murthy] What final thoughts did you walk away with, and how does Unisys figure in the Consumerization of IT story?

[Patricia Titus] In summary, the globalization of our digital world brings to light that we’re all suffering from the same issues when it comes to Consumerization of IT, mobilized workforce and cyber security pitfalls. Unisys has taken proactive steps to address our own internal Consumerization of IT and the mobility of our workforce, which in turn allows us to share the lessons learned.  Because we consume our own services within the company, it is a testament that we know what our clients struggle with and have some valuable lessons learned.  We recognized that in order to address the disruptive technologies, it meant more than buying a third-party security technology to secure our corporate data on a device. It meant we needed to move to a more data-centric framework which is a bit of a change from our previous network-centric view.  One thing we’ve realized is the importance of risk advisory services to help determine what you really should be implementing.  Taking the business needs in to account truly drove our strategy and developing a cross-functional working group is one example of how to build consensus for your mobility projects.

Unisys is on an amazing journey ourselves.  For more view into our ongoing journey please go to Security Straight Talk blog or the Disruptive IT Trends – Consumerization blog.

Tags-   Consumerization Security