Security teams seek to defend against cyber threats. Audit strives for compliance (and to avoid non-compliance) with industry and regulatory requirements. The CIO needs a modern business dependent on digital assets to run smoothly. And at the center of these concerns are the business-critical applications such as SAP and Oracle on which the organization depends for everything from strategic planning to everyday operations. Who is responsible for keeping these assets secure and assuring all these priorities – and how do they address the unique requirements of these platforms?
The answer, of course, is that they are all involved – but how does that work in practice? How do organizations resolve competing priorities to assure the security, compliance, and reliability of business-critical applications that have board-level attention?
Join us to discuss how this balance can be found. During this session, we will explore best practices for aligning priorities to implement effective security and compliance solutions. We will discuss the importance of cross functional leadership and how to develop a successful strategy for business-critical application security.
Research Director of Information Security at 451 Research
Scott Crawford is Research Director of the Information Security practice at 451 Research, where he leads coverage of emerging trends, innovation and disruption in the information security market. Well known as an industry analyst covering information security prior to joining 451, Scott's background includes experience as both a vendor and an information security practitioner. At IBM, Scott guided offering strategy and development with a primary focus on security intelligence for IBM Security Services. He is the former CISO of the Comprehensive Nuclear-Test-Ban Treaty Organization (CTBTO) International Data Centre in Vienna, Austria, where he pioneered the implementation of security policy and architecture for a non-governmental organization (NGO) serving more than 150 nations. His experience includes systems and security management for leading organizations in both the private and public sectors, from Emerson to a division of the University Corporation for Atmospheric Research in Boulder, Colorado focused on the collection, management and analysis of geophysical and meteorological data.