Managing Risk is More Important Now Than Ever

February 20, 2018 2970 Views Gabriel Torok

I just read the Forrester Wave™: Governance, Risk, And Compliance Platforms, Q1 2018.

Forrester reminds us all that “Risk and compliance management is more important than ever, thanks to the increasingly intangible nature of business value and the growing risk of violating customer trust.”

The report evaluated 14 leading GRC (governance, risk, and compliance) vendors: ACL, Enablon, IBM, LogicManager, MetricStream, Nasdaq, NAVEX Global, Riskonnect, RSA, Rsam, SAI Global, SAP, ServiceNow, and Thomson Reuters. What was most interesting to me is that 50% of these leading providers use PreEmptive’s application protection tools as part of their own strategy.

With software applications driving new business models, corporate reputations are increasingly at risk and regulatory fines are skyrocketing. Now is an ideal time to implement a comprehensive risk management strategy.

R8: A Step in Google's Android Build Performance Roadmap

Google recently introduced R8, a new tool designed to replace ProGuard as the default shrinker in the Android build process. R8 is meant to produce as-good-or-better outputs than ProGuard, and to do so faster than ProGuard does, thereby reducing overall build times. It will be enabled by default in the next release of Android Gradle Plugin (v3.4).

This change removes a long-standing component (ProGuard) and replaces it with entirely-new code that does essentially the same thing. Why would Google do such an expensive, risky thing?

The booths are gone, the lights are off and the conference halls are empty. It’s a wrap for RSAC 2019, but IT pros aren’t going home empty-handed: Here’s a roundup of this year’s key topics, critical outcomes and biggest surprises.

No “I” in Team

This year’s RSA Conference opted for a simple, one-word theme: Better.

While it’s certainly aspirational, what does it mean in practice? For RSA, it’s a recognition that security doesn’t happen in a vacuum, that infosec pros must work together to find better solutions, make better connections and make the world a better place. Given the often-fragmented nature of corporate IT security — RSA’s focus on empowering the “collective we” in cybersecurity makes sense: Evolving, adaptable threats won’t be defeated by companies operating in isolation.

There’s an app for that.

Apple’s (now trademarked) slogan is perhaps more telling than the company intended: Organizations rise and fall on the strength of applications — well-integrated, full-featured apps can help drive market success, while offerings more limited in scope and functionality may prove disastrous.

The sheer volume of both external and internal applications has also created a new challenge for companies: Risk management. Cybercriminals are both creating custom code and leveraging tools available on the Dark Web to compromise applications, steal corporate data and wreak network havoc.

GDPR fines were inevitable. Despite years of lead-up and months of warning before the legislation came into effect last May, many companies simply weren’t prepared for the complex (and evolving) nature of EU privacy expectations.

Now search giant Google is in the compliance law’s cross hairs: As noted by Bloomberg, Google has been assessed a $57 million fine because it “fails to adequately explain how it collects data to offer personalized advertising.” For some experts, the fine is a warning of things to come — companies must improve their data handling or face the consequences. For others, the penalties are a step too far with a purpose too vague.

The hard truth? No matter where opinions fall, GDPR fines are now out in full force — and your application could be next.

Hackers are winning. As noted by Information Age, data breach reports are up 75 percent over the last two years — while part of this increase is tied to emerging legislation and disclosure requirements, a quick look at tech headlines makes it clear that attackers are coming out ahead in the fight to keep corporate networks, applications and data secure.

But it’s not all bad news. Armed with knowledge of the current breach landscape — along with actionable insight to protect critical assets — organizations can start to even the score and put hackers on the defensive. Here’s what you need to know.

Managing Risk is More Important Now Than Ever

R8: A Step in Google's Android Build Performance Roadmap

RSAC 2019 Roundup: NIST Gets Structural as the NSA Goes Open Source

No “I” in Team

Hardened Apps = Harder Target = Reduced Corporate Risk

GDPR Goes After Google — And Your App Could be Next

Data Breaches in 2019: Why the Hackers are Winning (And What You Can do About It)

Latest Blog Posts

R8: A Step in Google's Android Build Performance Roadmap

RSAC 2019 Roundup: NIST Gets Structural as the NSA Goes Open Source

Hardened Apps = Harder Target = Reduced Corporate Risk

GDPR Goes After Google — And Your App Could be Next

Data Breaches in 2019: Why the Hackers are Winning (And What You Can do About It)

Twitter

App Protection Blogs

Managing Risk is More Important Now Than Ever

No “I” in Team

Latest Blog Posts

Twitter