Issue link: http://www.epageflip.net/i/96376
Media & Entertainment 37. • Governance and compliance—This is the less sexy part of security. But once you have security technologies, services, and policies in place, you have to continuously enforce them. • Security event data volume—There's probably a lot of data moving around your organization, especially when you add in partner networks. You have to distill threatattempt data into actionable intelligence so security measures can be implemented to stay ahead of evolving threats. • Extension and softening of network boundaries—This is partly driven by the increased use of contractors in media and entertainment. But the so-called "consumerization of IT," driven by the rapid consumer adoption of mobility and social media platforms, also means you will have to address the erosion of traditional network boundaries. • User identity management—Providing access to your content is no longer a one-time event. You have to provide, scale, and cut off access throughout the content lifecycle. • Focus on core competency—Security is probably not your primary focus, so you should partner with an organization that has the competency, capital, capacity, and speed to secure your content. • nfettered expansion of security vendors— U You have a lot of options in securing your content. You can implement the technologies yourself or obtain security as a service. But no matter which path you choose, it's critical to first get a complete understanding of the options, their capabilities, and trade-offs. Five attributes of a mature security ecosystem In meeting security challenges, it's critical to implement a comprehensive solution that has the breadth and depth to cover all vulnerabilities over the long-term. Just remember, you have to succeed continuously in protecting your content, but criminals only have to succeed once. Attribute 1: Risk-based approach When considering security options, it's best to first determine your organization's tolerance for risk. You can begin to do this by evaluating your current risk posture. Content is often scattered around the organization, and you need to find out what's being done to secure it. Most likely, it will first have to be classified and prioritized to know how risky the loss of specific content would be to the business.