Identify risks from the business perspective.
Traditional risk management practices have a very technical focus, displaying risks for servers, IP addresses, and other elements seldom understood by the business. But, according to a recent survey, nearly half of respondents said that they want to view risk by the business application, as opposed to only 30 percent who want to see their exposure by network segment, and 22 percent by server or device. This is important because it not only allows security teams to more effectively communicate with business owners, but it also prepares and encourages them to "own the risk."
One method of achieving this application-centric approach to risk management is to integrate security policy management with vulnerability scanners that are already in use in the organization. By viewing risk by application, it allows the organization to make better risk decisions with the business in mind.
Data Center Applications and the Cloud: What You Need to Know
Data Center Applications and the Cloud: What You Need to Know
A recent survey of 240 information IT and security professionals found that many organizations plan to migrate data center applications to the cloud despite often experiencing application connectivity disruptions in the process.
Virtualizing a physical data center and moving it to a private or hybrid cloud requires careful analysis of both security and connectivity needs. The challenge is that you must perform these actions without disrupting existing services and without unplanned downtime. And with data center applications typically being composed of servers, networking and storage components and security infrastructure baked with complexity, when a new application is deployed or a connectivity update is made, it is often fraught with risk. In this slideshow, AlgoSec, a security policy management company, examines five things to consider before migrating data center applications to the cloud.
