
Prepare for IoT security, and how to develop a SaaS risk strategy

The Internet of Things provides consumers with many conveniences, but as ASIP CTO Andy Thurai and IBM VP of product management Michael Curry cautioned CIOs at MassTLC’s recent IoT conference, its massive attack surface and the lack of security standards also mean that breaches of these connected devices are inevitable. Features writer Kristen Lee lists four key elements of IoT security, according to Curry, to help CIOs prepare for these attacks.

But our IoT coverage isn’t all doom and gloom! At the MongoDB event in New York City, Amazon CTO Werner Vogels waxed enthusiastic about the widespread impact of IoT. In this week’s Data Mill, senior news writer Nicole Laskowski lays out Vogels’ standout examples of IoT forays in the fields of science, retail, sports and more.

In other SearchCIO matters…

CIOs walk a tightrope when it comes to managing SaaS apps. On the one hand, losing track of the business’ use of cloud apps could put their organization at greater risk of a security breach; at the other extreme, cracking down on shadow app use, even for security purposes, could restrict employee efficiency and productivity. In part one of her feature, executive editor Linda Tucci lays out how CIOs should begin developing a balanced SaaS risk strategy. In part two, she gets tips from French Caldwell, governance, risk and compliance expert at Gartner, on how to create a top-down SaaS governance policy.

Recently, Laskowski ran into Massachusetts Congressman Joe Kennedy at the offices of CyberArk, an information security company, and discovered that cyberattacks are a growing concern at the Capitol. If it can happen to Target and eBay, then it can happen to smaller players, Kennedy explained. In her CIO Matters column, Laskowski details why Washington’s answer to cyberwar shouldn’t be about mandates and regulatory compliance.

There’s no shortage of SearchCIO coverage on the ubiquity of BYOD in enterprises, but how many corporate employees actually use their own devices for work? Well, if we’re talking tablets, just the few at the very top, according to Forrester. In this week’s Searchlight, associate editor Emily McLaughlin explains what could be behind the research’s findings; plus, get her take on Facebook’s recent psychological experiment and Google Glass’ more nefarious uses.

Deepak Tiwari, analytics head for Google’s consumer operations division, has learned many lessons and discovered the value of failing fast since he began at the company three years ago. Here on the CIO Symmetry blog, Laskowski outlines Tiwari’s top takeaways for enterprises and small businesses alike from his presentation at the recent Useful Business Analytics Summit.

In SearchCIO’s latest tweet jam, disaster recovery expert Paul Kirvan and other participants emphasized the importance not only of having a comprehensive DR plan, but also of frequently testing these plans to ensure that they can work in the event of a real disaster. Check out this #CIOchat recap for more on how to best implement a DR plan test schedule.

And on SearchCompliance…

The Federal Communications Commission’s proposal to amend Open Internet rules and allow ISPs to charge content providers a fee for prioritized delivery has drawn much criticism from various parties, including consumer advocacy groups, technology companies and even talk-show host John Oliver. In SearchCompliance’s latest installment of its FAQ series, find out if ISPs truly could control performance quality and speeds should the U.S. government enforce the net neutrality proposal. And in a recap from the latest #GRCchat, see tweet jam participants’ predictions on the impact of the proposal’s usage-based pricing structure on small and medium-sized businesses (SMBs).

U.S. companies have the not-so-easy task of complying with a wide variety of regulations; large financial institutions, for instance, must adhere to the Sarbanes-Oxley Act (SOX), the Gramm-Leach-Bliley Act, the Payment Card Industry Data Security Standard and a host of other laws. In this SearchCompliance tip, contributor Judith Myerson focuses on four steps toward meeting SOX’s data compliance mandates.

And that’s all for the week’s news, folks! Watch out for another Symmetry roundup next week; in the meantime, keep track of our stories during the week by following @SearchCIO, @SearchCIOSMB and @ITCompliance.

Join the conversation



Die in peace CMDB!!!
never hear the word "CMDB" again is all I want for now..