“Perpetual optimism is a force multiplier.”
At the closing keynote at Synergy this year, we heard from General Colin Powell about leadership, trust, and the power of positivity.
From any headlines you’ll read today, the state of security is looking like we have a rough road ahead. But while cyber is getting more attention than ever before, it’s not because we’re suddenly seeing all new threats. It’s because threats are becoming more personal, and it’s easier for cyber criminals to plug and play the malware of their choosing, and on a greater scale.
Not unlike diplomatic affairs, our goal is to understand our enemies to the best of our ability and predict their behavior to defend our organization and our customers.
We heard from General Powell that he lives by a set of rules he’s cultivated throughout his career that have created unstoppable teams.
As CSO of Citrix, I have a set of rules as well. And our team is a force to be reckoned with.
Rule No. 1: Protect and defend. As security professionals, we are dedicated to the protection and defense of data and applications. As attack methods evolve, so do we. BYO has become the norm, so it’s not just work data we’re protecting, and it’s not just on one single, corporate-issued device. It’s all the devices, all the time, in all places – over all networks, clouds and data centers. The enterprise security perimeter is forever expanding and changing.
Trust is a two-way street. We have the trust of employees to protect both work and personal data because that’s what is being accessed on all devices, all the time. At the same time we, as security professionals, are putting trust in employees to be smart about security best practices and creating a partnership with us so we can protect to the best of our ability.
Rule No. 2: Trust, but verify. To borrow words from President Reagan, our policies, our products and our culture follow this attitude of trust, but verify. We trust our employees and workforce to do the right thing with applications and data, but because the threat landscape is so dynamic, we take the extra step of added verification to ensure that all data is safe, all the time.
As General Powell said, “the rules of the road aren’t clear anymore.” So, we need to take added measures to make sure the right people are getting access to the right data, at the right time. General Powell noted that he’s more worried about an attack on financial systems than anything else. Now is the time for the world to move to contextual access – using behavior patterns and machine learning grant or deny access based on normal or abnormal behavior. Systems are smart; they can be taught to recognize these patterns and flag any behaviors or requests that fall outside the norm for an employee or contractor.
Rule No. 3: Security is a business. And it needs to be treated like one. A recent Oxford Economic Research study showed that businesses that supported virtual work and mobile business strategies outperformed their peers across a wide range of business metrics, including higher revenue growth and profits, reduced expenses, increased employee retention, and better customer satisfaction. Virtual work and mobile business strategies can be brought to life through security. Instead of looking at security as a productivity hindrance, companies need to look to security as a mobile business enabler.
As more attacks surface — and they will — they key is going to be learning from them, improving our proactive and reactive methods like enhanced security analytics, automating to protect against old and new threats, educating our workforce, and trusting them to help usher us into a more secure future.
Read more about the secure solutions we announced at Citrix Synergy 2017, “Citrix Unveils Innovations at Citrix Synergy to Power the Future of Work.” Or visit our Synergy news page.