How do you think Biden’s executive order will be actioned? (https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/)
VP, Chief Security & Compliance Officer in Software, 1,001 - 5,000 employees
We carry some of these federal certifications and looking at this new executive order, I think a lot of the companies in those spaces are trying to do the right thing in these areas and strengthen controls around these expectations. At first it’s the heavily regulated industries who gravitate toward these new standards because they have to maintain certification. But then that shift starts to trickle down to supporting industries.
Chief Information Security Officer in Healthcare and Biotech, 501 - 1,000 employees
Unless we have something like the software bill of materials (SBOM) there's no easy way for us to adopt Zero Trust across different systems and avenues of data consumption/use. With Zero Trust architecture, one of the biggest verticals is asset inventory management. It's not just the systems, it's the services that interact with them, the wearables and SBOM, which is actually one of the biggest elements of the supply chain. There used to be an open standard in the past, and I'm not sure how widely adopted it was, but there's no regulatory standard as far as I know. There’s no sub aspect to our regulatory body that actually enforces anything similar to the SBOM.
Senior Director, Defense Programs in Software, 5,001 - 10,000 employees
It’s certainly being acted upon in Federal, and that is a fair market to develop better tools and processes that many can benefit from. Realistically, there are major technology leaders that didn’t do better before this that we should all be asking why they didn’t define a more secure future. These are also pieces that have been ongoing for a while & this brings necessary attention. DoC’s SBOM work has been great, NIST’s OSCAL has been in the works for years (and I made plenty of fun of it) and is finally breaking out, and Zero Trust (including TIC 3.0)… Building blocks, and plenty of room to improve.
I've been raising this flag about security in the electronics industry and all the industries it feeds for 3 years now, and I haven't seen much change. You can build a Zero Trust architecture, but that should start at RoadM and go through whatever filtration and rules gathering you do as an individual organization. Look at old technologies that are still useful, like Sniffers, Tumbleweed and RoadM in its current incarnation, which takes your data stream and partitions it into channels that you can then break down to get transparency at the packet level. I don't know how else you would approach this.