Security is on everyone's mind today, so corporations and the government must consider how to create secure systems while maintaining usability and customer experience in relation to digital transformation. For this episode, we talk with Tom Patterson, Chief Trust Officer at Unisys, to learn strategies for secure computing. Their operating system, ClearPath Forward, has never been hacked so Tom will explain how Unisys has achieved that goal.
Tom Patterson is the Unisys Chief Trust Officer and Vice President of the Global Security business. Michael Krigsman is an industry analyst and the host of CXOTALK.
For more information, https://www.cxotalk.com/episode/secur...
------------------
Check out more CXOTALK episodes: https://cxotalk.com/episodes
------------------
From the transcript:
And so, where do you draw those lines, and where should CIOs and Chief Information Security Officers, and boards of directors, draw those lines for their organizations?
Tom Patterson:
(19:33) Yeah, Michael. The trade-off question is one that we tackle frequently on a regular basis. Because, in the olden days, it was a trade-off. Do you want to be open or do you want to be closed? And if you’re closed, you can’t really do too much, and if you’re open, you’re at risk. And that was the trade-off that was always there.
(19:53) This day and age, [it] is that businesses have gone digital. And we're using shared resources as though they were our own, like public cloud systems and employees' own mobile devices. All these now share concepts. We're actually able to architect security in, so it’s an enabler of that, as opposed to a trade-off for that.
(20:13) And, you mentioned ClearPath Forward. One of the products we're very proud of, it is a fundamental, core system behind over a trillion dollars a day that gets transacted online at banks around the world. Think about that! Over a trillion dollars a day; has been for over five years. And if you go to NIST, the National Bureau of Standards … [Laughter] the new name for the National Bureau of Standards; if you go to NIST's website and look it up, they actually rank the security of all publicly sold products. And if you look at operating systems, we’re at the top of the list. Number of hacks: zero. Successful attacks: zero. Overall, this is a huge bullseye! Trillions of dollars a day! And yet, zero hacks.
(20:57) And, it didn’t come from restricting it. That came from designing security in. Thought process number one was this has to be used for the most important business of the world. You know, real-time systems. You know, we don't want planes to fall from the sky. We don't want trillions of dollars to disappear. We don't want the power to go out. These systems that have to be right, all the time.
(21:43) Now, if you’re clever about security, if you’re using modern tools like micro-segmentation, you can actually be that business enabler. You can save your organization money by safely using the cloud. You can save your organization money by having a supply chain that’s fully integrated, but do it in a way that they’re all in one little microsegment, not having root access to the rest of your business. So, we really look at tradeoffs being a word of yesterday. And today’s word around security is, “enabler,” and that’s what we focus on at Unisys.
====
So, again, I don’t try and make a board member a security expert. But, I also, I get them off of worrying about their home computer and what virus they might have, and why is their computer slow, which used to be the questions. Now, it's all about … I hear GDPR, this new regulation that's coming into force in spring of next year spring of 2018. What's our exposure to that? What's our impact to that? What can we do not only to be compliant but to lower our audit service as we go forward with that? Just asking those kinds of questions start the ball rolling within a company, and generally, they're going to like the answers, is what I tell them.
(30:12) Most every company of any size that’s been around for a while has issues like technical debt. They’ve got old stuff, and there’s not enough money to buy all new stuff. So, they’ve got to work together and be realistic with each other and say, “Well, we’ve got this privacy spin that we’ve got to do, and we’ve got this technical debt issue for here, and we’re trying to go an open business in country X and country Y. Let’s design a system, maybe using a cloud provider and some micro-segmentation and we do this.” Suddenly, we’re addressing all those issues with one spend. And that is really opening the eyes not only of the practitioners but it's opening the eyes of the business leaders and the governance leaders across the board. And literally, around the world.
Информация по комментариям в разработке