How to Improve Your Organization’s Risk Management and Maximize Mobile and Cloud Security

Data breaches continue to make headlines on a daily basis and can pose significant threats to an organization’s bottom line. Attackers are exploiting vulnerabilities in cloud, mobile and Web applications, giving them access to treasure troves of organizational data. The sheer volume and breadth of potential vulnerabilities can make it challenging for organizations to focus their security initiatives, keep their skill sets current and maximize security budgets.

Key Resources

IBM has significant expertise in risk management, mobile and cloud security. Leading up to IBM InterConnect 2015, we thought you’d like to consult the following blogs from thought leaders who will present at the event:

• Constantine Grancharov will co-present Session No. SAS-3428, titled, “Addressing Application Security: It’s a Matter of Risk Management” in the Application and Data track, along with Scott Takaoka from WhiteHat Security. Grancharov recently authored a blog post on the importance of adopting an application security risk management program in your organization to protect your valuable intellectual property, strategic plans and customer data.
• Jonathan Carter from IBM partner Arxan and David Marshak from IBM will present a compelling session No. SAS-5600 about protecting mobile applications from potential attacks. The session is titled, “Think Like a Hacker! Common Techniques Used to Exploit Mobile Apps and How to Mitigate Them.” The companion blog post by Patrick Kehoe at Arxan challenges the misconceptions organizations have about the security of online app stores and provides recommendations about how you can mitigate your hacking risk.
• Dan Wolff and Nataraj Nagaratnam IBM will present Session No. SAS-5859, “Cloud Is an Opportunity to Get Security Right.” In the session, they will discuss how organizations can better manage access, protect data and gain visibility into cloud access, user activity, threats and compliance by adopting cloud strategies. To learn how to make an internal case for cloud-based application security testing, check out the blog post I recently co-wrote with Eitan Worcel at IBM.

So what’s the best way to educate yourself about these topics so you can maximize your security spending and improve productivity? By registering to attend IBM InterConnect in person, in sunny Las Vegas, from Feb. 22 to Feb. 26.

Learn From Security Professionals Just Like You

Selected customer sessions in the Application and Data track at IBM InterConnect 2015 include the following:

• A panel of experienced IBM Security client speakers will share best practices for leveraging security intelligence and analytics to help you improve your risk management program and make more informed security decisions (Session No. SAS-5009).
• An international shopping center group will reveal how it modernized its security program to plan more effectively for security threats, assembled a collaborative team across the organization to implement a new distributed security model and promoted the new initiative throughout the business (Session No. SAS-2604).
• A Canadian bank will educate you on how it implemented an enterprise-wide software security program, including how it adapted its organizational software security model to improve static and dynamic application security testing capabilities, reporting and management of performance metrics (Session No. SAS-3880).
• A North American government entity will explain how it implemented a digital invoice certification program in order to comply with new legislation that required privileged data, such as payroll records and commercial invoices, to be digitally signed (Session No. SAS-5493).
• A health care company will review how it managed its evaluation process for an application security testing solution, including developing vendor selection criteria, evaluating vendors, implementing the solution and jump-starting productivity after adopting the solution (Session No. SAS-2195).

For an overview of all the sessions in this track, consult the Application and Data Security track agenda.

Aerosmith at IBM InterConnect

This conference begins in less than a month, so register now and immediately add these sessions to your calendar with our convenient Agenda-Builder tool. Information about the planned Aerosmith concert may be found by clicking here.

In the meantime, stay tuned for follow-up blogs from our speakers and panelists, and check out more of our thought leadership blogs.