Key challenges driving my security agenda

I’ve been asked to write up a paragraph on what I consider to be the key challenges driving my security agenda as a discussion starter for a forthcoming roundtable that I’ll be chairing. I think it’s all rather neatly summed up as follows:

“It is vital that we

ensure our security strategy is appropriately aligned with the direction of the

business, and as we develop new online platforms to include features such as

communities, blogs, and other dynamic user generated content, the challenge is

to ensure that these are delivered with security built in from day one. As we

consolidate and centralise many of our internal network services, bringing all

of our regional business units up to a common standard in terms of both technology

and in-house knowledge is also no easy task.  Looking forward, we’re putting a

lot more data and placing a good deal more reliance with third party service

providers: I doubt that the full scope of risk relating to “cloud” based

services is really yet known. Finally, a clearly defined network perimeter is a

thing of the past. We don’t really know where all our assets are any more. This

situation is only going to expand as we become much more mobile and dynamic in

the way that we work.”