閉める
閉める
明日に向けたネットワーク
明日に向けたネットワーク
サポートするアプリケーションとユーザー向けに設計された、より高速で、より安全で、回復力のあるネットワークへの道を計画します。
          Netskopeを体験しませんか?
          Netskopeプラットフォームを実際に体験する
          Netskope Oneのシングルクラウドプラットフォームを直接体験するチャンスです。自分のペースで進められるハンズオンラボにサインアップしたり、毎月のライブ製品デモに参加したり、Netskope Private Accessの無料試乗に参加したり、インストラクター主導のライブワークショップに参加したりできます。
            SSEのリーダー。 現在、シングルベンダーSASEのリーダーです。
            SSEのリーダー。 現在、シングルベンダーSASEのリーダーです。
            Netskope、2024年ガートナー、シングルベンダーSASEのマジック・クアドラントでリーダーの1社の位置付けと評価された理由をご確認ください。
              ダミーのためのジェネレーティブAIの保護
              ダミーのためのジェネレーティブAIの保護
              ジェネレーティブ AI の革新的な可能性と堅牢なデータ セキュリティ プラクティスのバランスを取る方法をご覧ください。
                ダミーのための最新のデータ損失防止(DLP)eBook
                最新の情報漏えい対策(DLP)for Dummies
                クラウド配信型 DLP に移行するためのヒントとコツをご紹介します。
                  SASEダミーのための最新のSD-WAN ブック
                  SASEダミーのための最新のSD-WAN
                  遊ぶのをやめる ネットワークアーキテクチャに追いつく
                    リスクがどこにあるかを理解する
                    Advanced Analytics は、セキュリティ運用チームがデータ主導のインサイトを適用してより優れたポリシーを実装する方法を変革します。 Advanced Analyticsを使用すると、傾向を特定し、懸念事項に的を絞って、データを使用してアクションを実行できます。
                        レガシーVPNを完全に置き換えるための6つの最も説得力のあるユースケース
                        レガシーVPNを完全に置き換えるための6つの最も説得力のあるユースケース
                        Netskope One Private Accessは、VPNを永久に廃止できる唯一のソリューションです。
                          Colgate-Palmoliveは、スマートで適応性のあるデータ保護により「知的財産」を保護します
                          Colgate-Palmoliveは、スマートで適応性のあるデータ保護により「知的財産」を保護します
                            Netskope GovCloud
                            NetskopeがFedRAMPの高認証を達成
                            政府機関の変革を加速するには、Netskope GovCloud を選択してください。
                              一緒に素晴らしいことをしましょう
                              Netskopeのパートナー中心の市場開拓戦略により、パートナーは企業のセキュリティを変革しながら、成長と収益性を最大化できます。
                                Netskopeソリューション
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange(CE)は、セキュリティ体制全体で投資を活用するための強力な統合ツールをお客様に提供します。
                                  Netskopeテクニカルサポート
                                  Netskopeテクニカルサポート
                                  クラウドセキュリティ、ネットワーキング、仮想化、コンテンツ配信、ソフトウェア開発など、多様なバックグラウンドを持つ全世界にいる有資格のサポートエンジニアが、タイムリーで質の高い技術支援を行っています。
                                    Netskopeの動画
                                    Netskopeトレーニング
                                    Netskopeのトレーニングは、クラウドセキュリティのエキスパートになるためのステップアップに活用できます。Netskopeは、お客様のデジタルトランスフォーメーションの取り組みにおける安全確保、そしてクラウド、Web、プライベートアプリケーションを最大限に活用するためのお手伝いをいたします。

                                      Managing a World Class Security Program in a Recession

                                      Nov 07 2023

                                      As signs of a global recession continue to linger, many businesses are still tightening their spending across the board. Though cybersecurity remains a critical concern for virtually every type of organization, even security leaders may need to watch their spending—while somehow still keeping pace with the latest threats and risk exposures. 

                                      Some leaders may instinctively just want to keep their heads down and tread water through the storm; but the challenges of the times offer a unique chance to transform your security organization. And building a world-class security program starts with you. Best of class CISOs will use this opportunity to prove their worth as a leader and deliver a better overall security program—one that’s both risk-based and responsive to changing business conditions. 

                                      The obvious challenge is that in a recession, most companies will become more conservative with funds. Even critical security upgrades may be subject to scrutiny. So be prepared to talk with your executive team about how security is doing its part. Frame the discussions around all the ways security is measurably driving business enablement—from helping to earn revenue, to establishing trust with customers, to facilitating implementation of new digital tools. 

                                      In support of demonstrating value toward justifying security budgeting going forward, focus your program objectives on three main areas of impact: resilience, cost management, and business agility.

                                      Building Trust and Resilience

                                      While historical data shows that economic downturns bring more cyberattacks, your discussions with other C-suite leaders about security budgeting should focus on demonstrating value rather than warning about potential risks. Avoid using “FUD” (fear, uncertainty, and doubt) about things like the cost of a successful ransomware attack or the fines from a compliance violation. These kinds of arguments make weak cases for budget requests.

                                      Instead, CISOs should focus on building trust with other executives by showing how their program supports business enablement. You need to make detailed use cases for how security impacts the bottom line or how it directly contributes to customer retention (such as signing a client with strict regulatory requirements). Using positive messages reinforces the often overlooked fact that security creates its own unique and measurable value—it isn’t just another cost center being carried by the sales team.

                                      Managing Costs and Complexity

                                      Like any technology infrastructure, security can get bloated. Most existing architectures today have been built product-by-product, and over time, they have become exceedingly complex. Complexity is the enemy of security because it can obscure vulnerabilities while creating costly operational inefficiencies. 

                                      There’s an old saying in security: “We’re great at buying new products, we’re poor at implementing, we forget about optimizing, and we never remove.” Though many teams have fallen into the habit of adding on products, services, and subscriptions to cover new exposures and gaps as they appear, now is the time to reevaluate whether or not all these things still effectively serve their intended purposes. CISOs should use this opportunity to assess their existing security architecture and licensing.

                                      Consolidation can help simplify your infrastructure to improve efficiencies, reduce costs, and shrink the organization’s attack surface. Additionally, it can help you maximize the value of existing staff. You’re probably not going to lay anybody off, since most security teams today are already understaffed. But infrastructure consolidation can also enable automation of more routine tasks—things like patch management. This frees-up your team for higher-impact activities, like threat hunting and active risk management. Get more from your people without adding headcount.

                                      Boosting Business Agility

                                      In uncertain times, change is the only constant. These changes might include shifting to new cloud-based tools that help the business save on licensing costs, or major organizational adjustments that come with mergers and acquisitions (M&As). A world-class security program is one that’s designed to enable dynamic business agility—keeping the organization safe and scalable at every turn. 

                                      A risk-based, agile security program can help business units rapidly respond to market demands while simplifying the user experience, ensuring productivity, and reducing overhead. This might include seamless adoption of the latest SaaS applications, securing hybrid work at-scale via zero trust network access (ZTNA), or connecting and protecting newly acquired offices with SD-WAN solutions. 

                                      An Opportunity to Transform Security

                                      Periods of economic hardship come and go. I’ve weathered similar storms leading security teams through the dot-com bust of the early-2000s and the financial crisis of 2008. For CISOs, this is an opportunity to show that you are a true leader—an equal member of the executive team who is doing your part to manage the situation. 

                                      While the value of security is always grounded in preventing all the damage that comes with a breach (e.g., stolen data/IP, financial losses, legal/regulatory penalties, bad publicity), a world class security program is one that confidently contributes to the broader organization’s goals and activities. Focusing your plans on resilience, cost management, and business agility not only will help you build a more efficient program—it will ultimately help you deliver more effective security as well. 

                                      Article originally published at Security Boulevard.

                                      author image
                                      James Christiansen
                                      James Christiansen is Netskope’s VP of cloud security transformation and leader of the Global Chief Strategy Office. He is focused on enhancing Netskope’s global clients.
                                      James Christiansen is Netskope’s VP of cloud security transformation and leader of the Global Chief Strategy Office. He is focused on enhancing Netskope’s global clients.

                                      Stay informed!

                                      Subscribe for the latest from the Netskope Blog