Let's ditch best practices

Computerworld UK has just published an article from me combining three of my favourite thoughts. 

The first is that we should ditch old standards such as ISO 27001 and develop new practices. Unfortunately, that’s unlikely to happen. 

The second is that Trusted Computing and virtualization open up brand new possibilities. Now that one is happening: I’m seeing more and more start-ups looking at such solutions. I believe many of us will end the year with a changed perspective of how to do security. 

The third is what it takes to be a successful innovator. The answer is a long-term vision and a relentless drive to keep pushing towards that goal. Unfortunately, few people have the passion and the pockets to do that. 

But, regardless of your views, the important thing is to get a better debate going about security. We need more revolution and less evolution.   

 

4 comments

Excellent article. It chimes with my thoughts on compliance to be found on my blog last June. I've posted this to LinkedIn here http://j.mp/eFto5C, let's see what discussion that generates. Regards Alan
One important issue about compliance... Many companies don't view information security as important. After all, it is a cost which produces NO revenue, so it tends to track to the bottom of the "important" pile. Compliance (in our case, PCI) tends to be the club which gets the security initiatives recognized. Without mandated compliance, many of us information security professionals would be ignored.
David, Agree with you that we need a different approach to IT security in today's business environment - and inside the Intel IT organization, we have embarked on a major redesign of our enterprise security architecture as we seek a whole new set of IT best practices. Last week, I had the chance to have dinner with the Intel CISO, Malcolm Harkins, who articulated his five irrefutable laws of information security that are driving this new thinking. Read more in this whitepaper on how Intel IT is "Rethinking Information Security to Improve Business Agility" http://www.intel.com/en_US/Assets/PDF/whitepaper/Rethinking_Information_Security_Improve_Business_Agility.pdf Chris
