Governance & Risk Management , IT Risk Management , Next-Generation Technologies & Secure Development

How to Minimize the Risk of Security Control Degradation

Josh Mayfield of Absolute Software on the Unstoppable Force of Entropy Mathew J. Schwartz (euroinfosec) • March 7, 2019

How to Minimize the Risk of Security Control Degradation

Josh Mayfield, director of security strategy, Absolute Software

Information security programs continue to rely on not just security policies, but also the controls that ensure they get enforced. "Security controls are the enforcement of the intent that we had in mind," says Josh Mayfield of Absolute Software.

See Also: The Top 5 Security Practices With the Best Outcomes

Unfortunately, as research by Absolute Software has found, security controls in any environment inevitably degrade over time. As a result, organizations must put in place not just controls, but strategies for identifying when they degrade and taking action.

In a video interview with Information Security Media Group at RSA Conference 2019 in San Francisco, Mayfield discusses:

What makes for a security control;
Why security controls inevitably degrade over time, and how to predict what will go wrong;
How organizations can maintain needed levels of security.

Mayfield is Absolute's director of security strategy. His experience in cybersecurity has focused on network security, threat hunting, identity management and endpoint security.

Previous
Network Security: The Next Generation

Next
A Shift to Endpoint Prevention and Response

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

You might also be interested in …

Automation Antidotes for the Top Poisons in Cybersecurity Management

Automation Antidotes for the Top Poisons in Cybersecurity Management

5 Ways to Weather Cybersecurity Storms

5 Ways to Weather Cybersecurity Storms

Gartner Market Guide for AIOps Platforms

How To Take the sh Out of IT

How To Take the sh Out of IT

2022 GigaOm Radar for AIOps Solutions Names Splunk a Market Leader

Unleash the Firewall across the Hybrid Multi-Cloud

Unleash the Firewall across the Hybrid Multi-Cloud

Cloud-Delivered Security for the Digital Workspace

Securing Digital Identity in Healthcare

Securing Digital Identity in Healthcare

Hindsight Is 2020

Hindsight Is 2020

Around the Network

Showing Evidence of 'Recognized Security Practices'

Showing Evidence of 'Recognized Security Practices'

Are We Doomed? Not If We Focus on Cyber Resilience

Are We Doomed? Not If We Focus on Cyber Resilience

Craig Box of ARMO on Kubernetes and Complexity

Craig Box of ARMO on Kubernetes and Complexity

Protecting the Hidden Layer in Neural Networks

Protecting the Hidden Layer in Neural Networks

Securing the SaaS Layer

Securing the SaaS Layer

Whistleblowing Brings Visibility to the Role of CISOs

Whistleblowing Brings Visibility to the Role of CISOs

David Derigiotis on the Complex World of Cyber Insurance

David Derigiotis on the Complex World of Cyber Insurance

Organization-Wide Passwordless Orchestration

Organization-Wide Passwordless Orchestration

How 2U Inc. Is Fortifying Its Systems and Solutions Designs

How 2U Inc. Is Fortifying Its Systems and Solutions Designs

The Persisting Risks Posed by Legacy Medical Devices

The Persisting Risks Posed by Legacy Medical Devices

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.