Managed Security Services — Build Versus Buy

 

While you are at the Forrester Security IT Forum in Miami, you might also want to attend my session on Managed Security Services Providers. In my role as an analyst, I speak to many security leaders that wrestle with the outsourcing question. Security is a sensitive topic and many security executives are uncomfortable transferring operational responsibility for this function to a third party.

This presentation will present techniques to help security managers make decisions on what they can trust to a third party and more importantly, what they should outsource to a third party. This should be a lively presentation and discussion on what is a sometimes-controversial topic. I hope to see you there.

The Impact Of Proposed Cybersecurity Legislation On Private Sector CISOs - Miami Security Forum

At the upcoming Forrester Security IT Forum (November 9) in Miami, Florida, I will present information on President Obama's cybercrime legislative initiative. This presentation and discussion will focus on the pending legislation in Congress and the Obama administration’s proposal to strengthen cybercrime law. There is a real need for this. Today there are 46 states with cybercrime breach reporting laws. While similar, there are enough differences to make reporting more complex. In addition, these laws only address PII and do very little to address other types of cybercrime. This new proposal addresses both PII and attacks on the nation’s critical infrastructure. The proposal stiffens criminal penalties and provides for the Department of Homeland Security to serve as the “new sheriff in town” when it comes to cybercrime.

Also associated with this proposal is a mandatory reporting requirement for organizations that manage more than 10,000 pieces of PII in a twelve-month period, or who provide critical infrastructure. Critical infrastructure is a very broad definition and includes financial services, utility, healthcare, as well as other industries. Please join me in Miami, as we present and discuss the proposal and its impact on private industry. I hope you can join us.