Every month or so, news events (attacks on government sites, massive privacy breaches, etc.) provide a ‘wake-up call’... a proof point used by vendors and practitioners alike that protecting our national and corporate information assets has never been more critical. On occasion we even see these incidents yield promises of action, for example the anticipated appointment of a US Cybersecurity Czar, which my colleague Khalid Kark discusses here.
But in spite of these warnings, my conversations with enterprise risk and IT risk professionals still reveal many disconnects, including that IT risks are not measured consistently with other enterprise risks. In addition, many IT risk professionals do not see their biggest risks showing up on the corporate risk register.
Today, Check Point Software Technologies, one of the old guard in the world of information security, announced they are purchasing Nokia's security appliance business. This is welcome, if late, news to Check Point's customers who use Nokia hardware. For many years, Nokia was the de facto hardware platform for deploying Check Point firewall software. Check Point/Nokia shops have been struggling for months to decide how to respond to Nokia's announcement that they would rid themselves of this troublesome (think non cell phone) business. For customers with sometimes hundreds of Nokia appliances, the fear of potentially unsupported hardware, or of a big firewall replacement project, were equally disturbing.
This new agreement spawns a couple of interesting questions: