For Security & Risk Professionals

Primary Analyst Photo	Document Information	Rate this Document
	January 5, 2009 Data-Centric Security Requires Devolution, Not A Revolution CISOs Must Revisit The Need To Centrally Control Data Security by Andrew Jaquith with Khalid Kark, Stephanie Balaouras, Rachel A. Dines	Average: 5  (4 ratings)

This is an excerpt

Executive Summary

Despite years of investments in technology and processes, protecting enterprise-wide data remains a maddeningly elusive goal for chief information security officers (CISOs). Software-as-a-service (SaaS), Web 2.0 technologies, and consumerized hardware increase the number of escape routes for sensitive information. Regulations, statutes, and contractual expectations drown CISOs in audit requests and ratchet up the pressure to do something about the problem. Meanwhile, hordes of vendors confuse CISOs with innumerable sales pitches. Forrester believes there is a better way to secure corporate data — stop trying so hard. Instead, devolve responsibility to the business, keeping controls closest to the people who use the data. IT security should be primarily responsible only for deploying data protection technologies that require minimal or no customization.

This is an excerpt

Buy Risk-Free

Price: US $499

Our Service Guarantee: If you are not completely satisfied with this document, notify Forrester within 24 hours of purchase for a full refund.

Already a Forrester Client?
Log in to read this document.