Information security initiatives are often bogged down by internal 'red tape' and complicated change control, with a long list of approvals required before anything significant can be accomplished.
These, says Dimitri Fousekis, COO of Telspace Systems, are among the most common reasons why information security implementations fail to deliver true benefits to companies.
"Information security is a key driver of all large enterprises and corporates. However, in many cases, it is not viewed as an enabler of business, but rather a cost, delay or impact to business reaching its goals and objectives. This is often due to a lack of understanding of what information security is, and how the entire industry exists to enable business and protect it, not to be a stumbling block in business delivery."
Many businesses have achieved success at turning information security into an enabler for business, says Fousekis. But maintaining such a relationship is constantly challenged by new requirements, legislation and vulnerabilities, coupled with requirements from business to deliver their objectives that keep the wheels of the enterprise turning, he adds.
Fousekis says ongoing success requires a balance between adherence to information security (infosec) requirements and the ever-changing needs of the business. "This requires an understanding from both sides as to what is reasonably required, and how to maximise deliverables for all parties in a coherent and efficient manner. It is a give-and-take situation, where risk and delivery must be taken into consideration."
Telspace Systems will address these and other common infosec inhibitors by turning to security analyst, Reino Mostert. During his presentation at the upcoming 10th annual Security Summit, Mostert will use his experience gained as both attacker and defender at Telspace Systems to expose the most common flaws within the practice of information security in large corporates and enterprises.
Mostert will cover business and technical aspects - with a special focus on the process complexity that eventually leads to security failings. He will expand on real-life examples of security failings, the technical issues involved, fixing these issues and how this relates back to business processes.
The ITWeb Security Summit 2015 takes place at Vodaworld in Midrand from 26-28 May. Click here to find out more and register.