DXCTechTalk

Raising Your Resiliency
Managing Enterprise Risk in a Connected World
   7 years ago
#DXCTechTalkThe Digital WorkplaceEmpowering Workforces with Invisible IT
   6 years ago
#DXCTechTalkTransforming the WorkEnabling digital transformation through BPS and next-gen, double-deep skills.
Top Votes
Dan Hushon
What is the most vulnerable surface in an enterprise?
[+] Show Hidden Comments
[-]
Dan Hushon
or if compromised the one that offers the biggest threat?
[-]
Arin Dey
We have started using IoT and it is increasing day by day. I think the growth in internet-connected devices is also bringing about an "explosion" in vulnerabilities.
[-]
Max Hemingway
from recent events it has to be the End User Devices that are most vulnerable that effects the back end. Providing good security and practices helps reduce the rick
[-]
Chris Swan
the inside of the perimeter
[-]
Stuart Lawrence
Agree with Art, humans are still the weakest link.
[-]
Dan Hushon
@cpswan YES, thinking that only trusted people are inside is a huge weakness... people need to think of the intranet as a Starbucks IMHO
[-]
chris moyer
fastest spread mechanism is network oriented so it is the part to protect, but the surface area increase from iot, mobile extended employee base lets risk in
[-]
Graham Chastney
@cd_moyer Do we not need to acknowledge that the risk is already "in" and work from that basis?
Jose Ward
Great session today #dxctechttalk. Very insightful.
[+] Show Hidden Comments
[-]
chris moyer
Thanks. It is useful to see where the pressure points are and how people are thinking of addressing them
[-]
Heather Simpson 🌈🍃
I agree! @danhushon and @cd_moyer and Art Wong had some great discussion points. I especially like Dan's where would you spend your 1 dollar....defense or resiliency. Thanks for joining us!!
Arin Dey
What are the company’s top risks, how severe is their impact and how likely are they to occur?
[+] Show Hidden Comments
[-]
chris moyer
I believe the loss of communication and ability to produce / ship / invoice is where most focus is
[-]
Dan Hushon
compromise of identity infrastructure -> who made what change to what?
[-]
Jim Fagan
What about the business reputation, brand, keeping consumer data safe, trust issues? Possible for significant damage
[-]
Kishore Chekuri
Staying on top of a dynamic threat landscape with increased digitisation of IT and OT landcape, responding to a breach
Dragan
Nice job highlighting the direct link between security breaches and business continuity planning.
[+] Show Hidden Comments
[-]
Dan Hushon
continuity & re-constitution - hand and glove
Dan Hushon
are cloud platforms more secure? how about resident? - PaaS / Productivity / BPaaS
[+] Show Hidden Comments
[-]
Dan Hushon
[sic] resielient
[-]
chris moyer
By design more resilient.. Attacked often so getting more resilient...but still takes design thinking to improve security in these environments
[-]
Kishore Chekuri
Yes if the development community knows what they are doing - by Design
[-]
Arin Dey
However, the argument around security and privacy issues in the cloud still comes up often. While there is a certain amount of emotion, and sometimes politics, at play, you must educate those in enterprise IT around the real issues and the real.
[-]
Arin Dey
So, indeed.. clouds are more secure than traditional systems, generally speaking.
[-]
Graham Chastney
Is "secure" the right question for this conversation, "resilient"?
[-]
Dan Hushon
do they secure the information/service and then are they resilient to the disruption of service/corruption of the information?
Arin Dey
Are our risk management capabilities continuously improving to ensure we are managing our risks effectively in a changing business environment?
[+] Show Hidden Comments
[-]
chris moyer
I believe they are, but slower than the digitization of processes and connectivity we are putting into our enterprises
Doug Austin
Chris Moyer I agree that Gov't is one of the best industries to watch. They practice and drill 2x/yr. Do they drill on rebooting the entire mission? no - systems only;Are they in better shape than most companies? Yes - generally better equipped than F1000
[+] Show Hidden Comments
[-]
Doug Austin
see NIST template http://nvlpubs.nist....
[-]
Max Hemingway
Thanks for sharing
[-]
Lisa Braun
That's interesting about gov't leading here--cc'ing @michaelconlin10 on that.
[-]
Sukhi Gill
Agree that while some practice system level recovery not many practice the reconstitution of the entire information systems landscape.
[-]
chris moyer
Govt, exp. defence has more experience, but they are not as digitized so they too are learning to adjust
[-]
Sukhi Gill
Not being as digitally converged may also provide resilience. At least in Defence scenarios you can switch to a telephone or failing that Radio network. In some recent DR scenarios Enterprises broke when VOIP/AD/IDAM were down.
Arin Dey
Thanks @danhushon @cd_moyer. It was an awesome and very informative session live over hangout :)
[+] Show Hidden Comments
[-]
Dan Hushon
Always - thanks for joining
[-]
chris moyer
Appreciate you joining and contributing with the questions
[-]
Heather Simpson 🌈🍃
I second your sentiments, Arin, but also Dan's thanks for joining and bringing some great questions!
[-]
Arin Dey
You're most welcome :)
[-]
Arthur Wong
Thanks for joining in
Graham Chastney
Great point @danhushon on thinking through the "start up sequence" for the enterprise. Many organisations have dependency circles that would make a complete re-start almost impossible.
[+] Show Hidden Comments
[-]
Dan Hushon
agree, and that's just IT... what happens if you need to restart the OT for mine/refinery/manufacturing/powerplant?
Arin Dey
Does the company understand the key assumptions underlying its strategy and align its competitive intelligence process to monitor external factors for changes that could alter those assumptions?
[+] Show Hidden Comments
[-]
Dan Hushon
sometimes they understand the 1degree assumptions, the problem is the deeper risks and counter correlated (deep link) challenges.