Posts Tagged ‘security’

Adapting IT Security to a Digital World: Going from Gatekeeper to Collaborator

Ujjwal Rajbhandari

Ujjwal Rajbhandari

IT Director, Cloud Engineering, Dell IT

As IT continues to empower a new, digitally-transformed world, infrastructure capability isn’t the only thing that needs to become more agile and flexible. IT security must also evolve to be more adaptable, more proactive and less reactive to let today’s workforce embrace the cloud.

After all, it doesn’t make sense to unleash new, agile IT applications only to weigh them down with traditional security strategies that create delays, restrictions and outright denials.

For example, in some cases with IT as a Service, a user can provision a virtual machine (VM) in five minutes but then must wait three to five days before security allows access to the data he or she wants to work with.

The question is, how is IT security going to change in this new digitally transformed world so that we can fully take advantage of the agility and simplification of cloud-enabled infrastructure.

A key part of the answer lies in a new approach to trust and risk assessment.


Building the Modern Data Center on a Foundation of Trust

Matt McCormack

Matt McCormack

Chief Security Officer at EMC
Matt McCormack

Latest posts by Matt McCormack (see all)

If your organization is struggling with how to keep your enterprise data secure in the cloud, you aren’t alone. The fact is, the modern data center poses some fairly new security challenges and there is no rule book on how to meet them. Even in security, we are learning as we go.

Matt McCormack, Chief Security Officer at EMC, explores this learning process in a blog on EMC’s Reflections site, which features reports from the road by EMC executives. Read his full blog at

Electric Gadgets, Space Junk and Cyber Security: Purging Obsolete IT Controls

As we in IT security scramble to put more and better controls in place to combat a changing array of cyber threats, we as an industry are facing an interesting dilemma: How do we assess the usefulness and value of all the controls we have deployed over the years and continue to have in place?

After all, as I talk to people across the cyber security industry, I almost never encounter anyone who can tell me a story about having turned off a security control once they turned it on.  Yet, with the changing threat landscape, we clearly need to be adding new security technologies and processes to our already substantial arsenal.

Building the Security Team of Today and Tomorrow

Dave Martin

Dave Martin

Vice President and Chief Security Officer at EMC

Technologies such as mobile, social networking, analytics and cloud computing are changing the security landscape, and security technologies are rapidly evolving to address that change.

It’s not just the technology that needs to change, however: security teams need to change as well.

EMC has evolved and must continue to evolve our security team to effectively combat the threats of today and tomorrow. The core skills essential to expand include business engagement and awareness; a consultative approach; the ability to sell or “market” security; and creative control design for the mobile and cloud-enabled world of tomorrow.


Changing Security Behaviors: How Marketing Savvy Can Break Patterns

Data-hacking hound dogs beware. EMC recently got a little help from Elvis in battling cyber criminals.

The “King” was at the center of an integrated marketing campaign our Global Security Operations ran this spring to encourage IT users to avoid clicking on suspicious email links that could lead to phishing attacks on our company’s data.

The several-week advertising effort featured a videotaped parody of the Elvis Presley song “Suspicious Minds,” in which ITers acted out why users shouldn’t click on “Suspicious Links,” It also featured a security awareness contest.

The campaign resulted in more than double the number of users reporting phishing attempts via suspicious emails. It also substantially increased the number of users going to our security awareness site, which we call FirstLine in recognition of the fact that the actions of IT users are the first line of defense against cyber-attacks.