Richard Rushing, Chief Information Security Officer at Motorola Mobility, described the current state of information security during his presentation at the 2013 Chief Information Security Officer Leadership Forum in Chicago on Nov. 14. In his presentation, “The State of Security: Rough Night Out and Paper Airplanes on Fire,” Rushing noted that information security threats are everywhere, which makes it vital for an organization to develop an effective information security program.
According to Rushing, an organization should try to customize its information security program. Every organization is different, Rushing said, and a custom information security program ensures that an organization addresses challenges that it feels are relevant to its everyday operations. In addition, an organization can utilize user-friendly tools to ensure an information security program can be easily managed: “Our security posture has changed very little in the relationship to applications [and] the way we access them. … We’re still going from one point to the next point in accessing data. It’s still about [the] user, it’s still about access. It hasn’t changed dramatically in some of those areas.”
Rushing stated that an organization should constantly look to improve its information security program. Because technology is constantly changing, Rushing said, an organization should avoid standing pat, and seek solutions to bolster its information security program whenever possible: “Breaches are going to happen. Change is inevitable, both inside and outside. You can get help. There are plenty of people out there [who can] help with some of that.”