Governance & Risk Management , IT Risk Management , Next-Generation Technologies & Secure Development
How to Minimize the Risk of Security Control DegradationJosh Mayfield of Absolute Software on the Unstoppable Force of Entropy
Information security programs continue to rely on not just security policies, but also the controls that ensure they get enforced. "Security controls are the enforcement of the intent that we had in mind," says Josh Mayfield of Absolute Software.
See Also: The Top 5 Security Practices With the Best Outcomes
Unfortunately, as research by Absolute Software has found, security controls in any environment inevitably degrade over time. As a result, organizations must put in place not just controls, but strategies for identifying when they degrade and taking action.
In a video interview with Information Security Media Group at RSA Conference 2019 in San Francisco, Mayfield discusses:
- What makes for a security control;
- Why security controls inevitably degrade over time, and how to predict what will go wrong;
- How organizations can maintain needed levels of security.
Mayfield is Absolute's director of security strategy. His experience in cybersecurity has focused on network security, threat hunting, identity management and endpoint security.