fechar
fechar
Sua Rede do Amanhã
Sua Rede do Amanhã
Planeje seu caminho rumo a uma rede mais rápida, segura e resiliente projetada para os aplicativos e usuários aos quais você oferece suporte.
          Experimente a Netskope
          Coloque a mão na massa com a plataforma Netskope
          Esta é a sua chance de experimentar a plataforma de nuvem única do Netskope One em primeira mão. Inscreva-se em laboratórios práticos e individualizados, junte-se a nós para demonstrações mensais de produtos ao vivo, faça um test drive gratuito do Netskope Private Access ou participe de workshops ao vivo conduzidos por instrutores.
            Líder em SSE. Agora é líder em SASE de fornecedor único.
            Líder em SSE. Agora é líder em SASE de fornecedor único.
            A Netskope estreia como líder no Quadrante Mágico™ do Gartner® para Single-Vendor SASE
              Protegendo a IA generativa para leigos
              Protegendo a IA generativa para leigos
              Saiba como sua organização pode equilibrar o potencial inovador da IA generativa com práticas robustas de segurança de dados.
                E-book moderno sobre prevenção de perda de dados (DLP) para leigos
                Prevenção Contra Perda de Dados (DLP) Moderna para Leigos
                Obtenha dicas e truques para fazer a transição para um DLP fornecido na nuvem.
                  Livro SD-WAN moderno para SASE Dummies
                  SD-WAN moderno para leigos em SASE
                  Pare de brincar com sua arquitetura de rede
                    Compreendendo onde estão os riscos
                    O Advanced Analytics transforma a maneira como as equipes de operações de segurança aplicam insights orientados por dados para implementar políticas melhores. Com o Advanced Analytics, o senhor pode identificar tendências, concentrar-se em áreas de preocupação e usar os dados para tomar medidas.
                        Os 6 casos de uso mais atraentes para substituição completa de VPN herdada
                        Os 6 casos de uso mais atraentes para substituição completa de VPN herdada
                        O Netskope One Private Access é a única solução que permite que o senhor aposente sua VPN definitivamente.
                          A Colgate-Palmolive protege sua “propriedade intelectual "” com proteção de dados inteligente e adaptável
                          A Colgate-Palmolive protege sua “propriedade intelectual "” com proteção de dados inteligente e adaptável
                            Netskope GovCloud
                            Netskope obtém alta autorização do FedRAMP
                            Escolha o Netskope GovCloud para acelerar a transformação de sua agência.
                              Vamos fazer grandes coisas juntos
                              A estratégia de comercialização da Netskope, focada em Parcerias, permite que nossos Parceiros maximizem seu crescimento e lucratividade enquanto transformam a segurança corporativa.
                                Netskope solutions
                                Netskope Cloud Exchange
                                O Netskope Cloud Exchange (CE) oferece aos clientes ferramentas de integração poderosas para alavancar os investimentos em toda a postura de segurança.
                                  Suporte Técnico Netskope
                                  Suporte Técnico Netskope
                                  Nossos engenheiros de suporte qualificados estão localizados em todo o mundo e têm diversas experiências em segurança de nuvem, rede, virtualização, fornecimento de conteúdo e desenvolvimento de software, garantindo assistência técnica de qualidade e em tempo hábil.
                                    Vídeo da Netskope
                                    Treinamento Netskope
                                    Os treinamentos da Netskope vão ajudar você a ser um especialista em segurança na nuvem. Conte conosco para ajudá-lo a proteger a sua jornada de transformação digital e aproveitar ao máximo as suas aplicações na nuvem, na web e privadas.

                                      Managing a World Class Security Program in a Recession

                                      Nov 07 2023

                                      As signs of a global recession continue to linger, many businesses are still tightening their spending across the board. Though cybersecurity remains a critical concern for virtually every type of organization, even security leaders may need to watch their spending—while somehow still keeping pace with the latest threats and risk exposures. 

                                      Some leaders may instinctively just want to keep their heads down and tread water through the storm; but the challenges of the times offer a unique chance to transform your security organization. And building a world-class security program starts with you. Best of class CISOs will use this opportunity to prove their worth as a leader and deliver a better overall security program—one that’s both risk-based and responsive to changing business conditions. 

                                      The obvious challenge is that in a recession, most companies will become more conservative with funds. Even critical security upgrades may be subject to scrutiny. So be prepared to talk with your executive team about how security is doing its part. Frame the discussions around all the ways security is measurably driving business enablement—from helping to earn revenue, to establishing trust with customers, to facilitating implementation of new digital tools. 

                                      In support of demonstrating value toward justifying security budgeting going forward, focus your program objectives on three main areas of impact: resilience, cost management, and business agility.

                                      Building Trust and Resilience

                                      While historical data shows that economic downturns bring more cyberattacks, your discussions with other C-suite leaders about security budgeting should focus on demonstrating value rather than warning about potential risks. Avoid using “FUD” (fear, uncertainty, and doubt) about things like the cost of a successful ransomware attack or the fines from a compliance violation. These kinds of arguments make weak cases for budget requests.

                                      Instead, CISOs should focus on building trust with other executives by showing how their program supports business enablement. You need to make detailed use cases for how security impacts the bottom line or how it directly contributes to customer retention (such as signing a client with strict regulatory requirements). Using positive messages reinforces the often overlooked fact that security creates its own unique and measurable value—it isn’t just another cost center being carried by the sales team.

                                      Managing Costs and Complexity

                                      Like any technology infrastructure, security can get bloated. Most existing architectures today have been built product-by-product, and over time, they have become exceedingly complex. Complexity is the enemy of security because it can obscure vulnerabilities while creating costly operational inefficiencies. 

                                      There’s an old saying in security: “We’re great at buying new products, we’re poor at implementing, we forget about optimizing, and we never remove.” Though many teams have fallen into the habit of adding on products, services, and subscriptions to cover new exposures and gaps as they appear, now is the time to reevaluate whether or not all these things still effectively serve their intended purposes. CISOs should use this opportunity to assess their existing security architecture and licensing.

                                      Consolidation can help simplify your infrastructure to improve efficiencies, reduce costs, and shrink the organization’s attack surface. Additionally, it can help you maximize the value of existing staff. You’re probably not going to lay anybody off, since most security teams today are already understaffed. But infrastructure consolidation can also enable automation of more routine tasks—things like patch management. This frees-up your team for higher-impact activities, like threat hunting and active risk management. Get more from your people without adding headcount.

                                      Boosting Business Agility

                                      In uncertain times, change is the only constant. These changes might include shifting to new cloud-based tools that help the business save on licensing costs, or major organizational adjustments that come with mergers and acquisitions (M&As). A world-class security program is one that’s designed to enable dynamic business agility—keeping the organization safe and scalable at every turn. 

                                      A risk-based, agile security program can help business units rapidly respond to market demands while simplifying the user experience, ensuring productivity, and reducing overhead. This might include seamless adoption of the latest SaaS applications, securing hybrid work at-scale via zero trust network access (ZTNA), or connecting and protecting newly acquired offices with SD-WAN solutions. 

                                      An Opportunity to Transform Security

                                      Periods of economic hardship come and go. I’ve weathered similar storms leading security teams through the dot-com bust of the early-2000s and the financial crisis of 2008. For CISOs, this is an opportunity to show that you are a true leader—an equal member of the executive team who is doing your part to manage the situation. 

                                      While the value of security is always grounded in preventing all the damage that comes with a breach (e.g., stolen data/IP, financial losses, legal/regulatory penalties, bad publicity), a world class security program is one that confidently contributes to the broader organization’s goals and activities. Focusing your plans on resilience, cost management, and business agility not only will help you build a more efficient program—it will ultimately help you deliver more effective security as well. 

                                      Article originally published at Security Boulevard.

                                      author image
                                      James Christiansen
                                      James Christiansen is Netskope’s VP of cloud security transformation and leader of the Global Chief Strategy Office. He is focused on enhancing Netskope’s global clients.
                                      James Christiansen is Netskope’s VP of cloud security transformation and leader of the Global Chief Strategy Office. He is focused on enhancing Netskope’s global clients.

                                      Mantenha-se informado!

                                      Assine para receber as últimas novidades do Blog da Netskope