Security threats are becoming increasingly complex, sophisticated and targeted and no organisation is immune, no matter how small it may be or how large a security staff it can maintain. At the same time, the world is becoming increasingly interactive and collaborative, with real time communication among employees, customers and partners of an organisation, using whatever device comes to hand, being the norm.
Organisations must respond by facilitating such working practices and ensuring that such interactions are as quick and efficient as people need, yet this means exposing themselves ever more to the outside world. They must punch holes in their increasingly porous perimeters to provide access to web and cloud-based applications and services supplied by external parties, and by enabling access for mobile workers.
In so doing, organisations can increase their productivity and responsiveness considerably but they are also increasingly exposing themselves to hackers and other criminals, who are using the popularity of the web, email and endpoint devices, especially mobiles, to their advantage.
Organisations need to take a more proactive stance on security. Addressing each threat vector in isolation is no longer sufficient given the fast growing number, and severity of, blended, targeted threats.
This document describes why a new security paradigm is needed and how it is enabled by, and enables, new technologies to be fully exploited. It is intended to be read by those in organisations of any size, whatever industry, who could benefit from reducing the complexity involved in security, risk and compliance management.