fermer
fermer
Le réseau de demain
Le réseau de demain
Planifiez votre chemin vers un réseau plus rapide, plus sûr et plus résilient, conçu pour les applications et les utilisateurs que vous prenez en charge.
          Essayez Netskope
          Get Hands-on With the Netskope Platform
          Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            Un leader sur SSE. Désormais leader en matière de SASE à fournisseur unique.
            Un leader sur SSE. Désormais leader en matière de SASE à fournisseur unique.
            Netskope fait ses débuts en tant que leader dans le Magic Quadrant™ de Gartner® pour le SASE à fournisseur unique.
              Sécuriser l’IA générative pour les nuls
              Sécuriser l’IA générative pour les nuls
              Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
                Modern data loss prevention (DLP) for Dummies eBook
                La prévention moderne des pertes de données (DLP) pour les Nuls
                Get tips and tricks for transitioning to a cloud-delivered DLP.
                  Réseau SD-WAN moderne avec SASE pour les nuls
                  Modern SD-WAN for SASE Dummies
                  Cessez de rattraper votre retard en matière d'architecture de réseau
                    Identification des risques
                    Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        Les 6 cas d'utilisation les plus convaincants pour le remplacement complet des anciens VPN
                        Les 6 cas d'utilisation les plus convaincants pour le remplacement complet des anciens VPN
                        Netskope One Private Access is the only solution that allows you to retire your VPN for good.
                          Colgate-Palmolive protège sa "propriété intellectuelle" "grâce à une protection des données intelligente et adaptable
                          Colgate-Palmolive protège sa "propriété intellectuelle" "grâce à une protection des données intelligente et adaptable
                            Netskope GovCloud
                            Netskope obtient l'autorisation FedRAMP High Authorization
                            Choisissez Netskope GovCloud pour accélérer la transformation de votre agence.
                              Let's Do Great Things Together
                              La stratégie de commercialisation de Netskope privilégie ses partenaires, ce qui leur permet de maximiser leur croissance et leur rentabilité, tout en transformant la sécurité des entreprises.
                                Solutions Netskope
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.
                                  Support technique de Netskope
                                  Support technique de Netskope
                                  Nos ingénieurs d'assistance qualifiés sont répartis dans le monde entier et possèdent des expériences diverses dans les domaines de la sécurité du cloud, des réseaux, de la virtualisation, de la diffusion de contenu et du développement de logiciels, afin de garantir une assistance technique rapide et de qualité
                                    Vidéo Netskope
                                    Formation Netskope
                                    Grâce à Netskope, devenez un expert de la sécurité du cloud. Nous sommes là pour vous aider à achever votre transformation digitale en toute sécurité, pour que vous puissiez profiter pleinement de vos applications cloud, Web et privées.

                                      Managing a World Class Security Program in a Recession

                                      Nov 07 2023

                                      As signs of a global recession continue to linger, many businesses are still tightening their spending across the board. Though cybersecurity remains a critical concern for virtually every type of organization, even security leaders may need to watch their spending—while somehow still keeping pace with the latest threats and risk exposures. 

                                      Some leaders may instinctively just want to keep their heads down and tread water through the storm; but the challenges of the times offer a unique chance to transform your security organization. And building a world-class security program starts with you. Best of class CISOs will use this opportunity to prove their worth as a leader and deliver a better overall security program—one that’s both risk-based and responsive to changing business conditions. 

                                      The obvious challenge is that in a recession, most companies will become more conservative with funds. Even critical security upgrades may be subject to scrutiny. So be prepared to talk with your executive team about how security is doing its part. Frame the discussions around all the ways security is measurably driving business enablement—from helping to earn revenue, to establishing trust with customers, to facilitating implementation of new digital tools. 

                                      In support of demonstrating value toward justifying security budgeting going forward, focus your program objectives on three main areas of impact: resilience, cost management, and business agility.

                                      Building Trust and Resilience

                                      While historical data shows that economic downturns bring more cyberattacks, your discussions with other C-suite leaders about security budgeting should focus on demonstrating value rather than warning about potential risks. Avoid using “FUD” (fear, uncertainty, and doubt) about things like the cost of a successful ransomware attack or the fines from a compliance violation. These kinds of arguments make weak cases for budget requests.

                                      Instead, CISOs should focus on building trust with other executives by showing how their program supports business enablement. You need to make detailed use cases for how security impacts the bottom line or how it directly contributes to customer retention (such as signing a client with strict regulatory requirements). Using positive messages reinforces the often overlooked fact that security creates its own unique and measurable value—it isn’t just another cost center being carried by the sales team.

                                      Managing Costs and Complexity

                                      Like any technology infrastructure, security can get bloated. Most existing architectures today have been built product-by-product, and over time, they have become exceedingly complex. Complexity is the enemy of security because it can obscure vulnerabilities while creating costly operational inefficiencies. 

                                      There’s an old saying in security: “We’re great at buying new products, we’re poor at implementing, we forget about optimizing, and we never remove.” Though many teams have fallen into the habit of adding on products, services, and subscriptions to cover new exposures and gaps as they appear, now is the time to reevaluate whether or not all these things still effectively serve their intended purposes. CISOs should use this opportunity to assess their existing security architecture and licensing.

                                      Consolidation can help simplify your infrastructure to improve efficiencies, reduce costs, and shrink the organization’s attack surface. Additionally, it can help you maximize the value of existing staff. You’re probably not going to lay anybody off, since most security teams today are already understaffed. But infrastructure consolidation can also enable automation of more routine tasks—things like patch management. This frees-up your team for higher-impact activities, like threat hunting and active risk management. Get more from your people without adding headcount.

                                      Boosting Business Agility

                                      In uncertain times, change is the only constant. These changes might include shifting to new cloud-based tools that help the business save on licensing costs, or major organizational adjustments that come with mergers and acquisitions (M&As). A world-class security program is one that’s designed to enable dynamic business agility—keeping the organization safe and scalable at every turn. 

                                      A risk-based, agile security program can help business units rapidly respond to market demands while simplifying the user experience, ensuring productivity, and reducing overhead. This might include seamless adoption of the latest SaaS applications, securing hybrid work at-scale via zero trust network access (ZTNA), or connecting and protecting newly acquired offices with SD-WAN solutions. 

                                      An Opportunity to Transform Security

                                      Periods of economic hardship come and go. I’ve weathered similar storms leading security teams through the dot-com bust of the early-2000s and the financial crisis of 2008. For CISOs, this is an opportunity to show that you are a true leader—an equal member of the executive team who is doing your part to manage the situation. 

                                      While the value of security is always grounded in preventing all the damage that comes with a breach (e.g., stolen data/IP, financial losses, legal/regulatory penalties, bad publicity), a world class security program is one that confidently contributes to the broader organization’s goals and activities. Focusing your plans on resilience, cost management, and business agility not only will help you build a more efficient program—it will ultimately help you deliver more effective security as well. 

                                      Article originally published at Security Boulevard.

                                      author image
                                      James Christiansen
                                      James Christiansen is Netskope’s VP of cloud security transformation and leader of the Global Chief Strategy Office. He is focused on enhancing Netskope’s global clients.
                                      James Christiansen is Netskope’s VP of cloud security transformation and leader of the Global Chief Strategy Office. He is focused on enhancing Netskope’s global clients.

                                      Restez informé !

                                      Abonnez-vous pour recevoir les dernières nouvelles du blog de Netskope