SITUATION/CHALLENGE - Companies and governments have spent trillions of dollars implementing information security infrastructures and complying with legal and regulatory requirements around data protection and preservation. Yet, more than 226 million data records of U.S. residents have been reported by PrivacyRights.org as exposed by security breaches since January 2005 and it is estimated that 60% of companies are yet not reporting all breaches - which means an average of about 182,000 data breaches are reported daily the confidential information of customers, employees and partners in 454,000 is stolen daily...
Five years ago, less than 18 percent of companies recognized they had information security problems. Although the initial concepts of computer security were first developed in the early 1970s, few companies have implemented comprehensive data security strategies that would enable them to face today’s growing range of threats. Such threats include but are not limited to natural disasters, internal physical environment damages and terrorist attacks. Malicious data attacks mounted from both within the organization and via the Internet. They are joined by a litany of natural and man-made hazards to form a nearly overwhelming threat to critical data assets and business operations. Infrastructure vulnerability also contributes to insecurity in ways that have become much more apparent as data proliferates. Solutions must be found to securely and permanently store data over lengthy retention periods so. not only are we protecting today and yesterday’s information for e-discovery and compliance but, we can also leverage this information towards tomorrow’s growth such as long-term data to be used for more advanced and rapid R&D discoveries.
Unfortunately, end-point or perimeter defenses are not sufficient to ensure data availability, resiliency or security. When breaches occur, companies and governments must cope with a range of consequences that go beyond data loss, including financial penalties, damaged corporate brand, decline in business morale, impaired business relations, drop in stock price, and impaired regulator relations resulting in substantial corporate losses.
As the average cost of lost, damaged and stolen data has risen to $3.8 million per fraud incident per company, and $183 per breached record, the average daily cost of stolen information could be estimated at $83 million daily. The financial and business value of current information assurance/information security products are being subjected to increased scrutiny yet, as companies are facing fines, it is no longer an option that companies with good risk management practices can dismiss. It is clear that organizations need a new security assurance paradigm and simple, integrated and cost-effective infrastructure solutions to ensure the prompt recovery of data-in-flight as well as data-at-rest at any point in time.
It is no longer sufficient to protect data at the perimeter when studies reveal that between 64 to 80 percent of all breaches are the result of insider threats. Whether data is compromised as a result of malicious attacks to simple manipulation mistakes, companies now have to protect themselves not only against external threats, as they have been doing for several years, but a new emphasis needs to be placed on resolving insider challenges – which are more costly and affect a much larger portion of business sensitive data.
Name: Anyck Turgeon
Title: Chief of Market Strategy and Security
Company: Crossroads Systems
SOLUTION - Anyck Turgeon has a strong background implementing and deploying data management solutions in both small and large corporations worldwide. After joining Crossroads Systems, Anyck worked toward the expansion of Crossroads’ strong high-performance data routing engines to target today’s information security challenges: the rise in insider threats, the exponential growth of unmanaged data, and improvement of protection services for data-at-rest.
Turgeon has helped to shape Crossroads Systems’ security solutions focus. Her philosophy is simple: From the laptop to the large corporate tape library or disk storage environment, it is critical that data be properly managed and protected throughout its useful life and regardless of its hosting platform. As we start discussing large storage environments, the level of exposure becomes substantially more risky and challenging so, it is critical to implement a full data security infrastructure. Companies and governmental agencies need to implement a multi-stage information security solution that is simple, integrated and cost-effective. Even the most trusted business relationships and activities need to be tracked, management and audit to demonstrate, verify and monitor their compliance with corporate security policies. As important as it is to ensure proper access to all information, it is also most critical to know how, what, when, where and how data is accessed, modified and/or deleted.
Crossroads Systems’ Business Information Assurance (BIA) program has produced a broad range of unique solutions that enhance today’s information security and information assurance programs. That way, businesses and government institutions can be better equipped to face data accessibility issues, whether they are caused by cataclysmic disruption such as 9/11 or Hurricane Katrina, or the much more frequent data crises that result from visitations by script kiddies or the accidental deletion of a key file at the wrong time.
To develop the new Business Information Assurance (BIA) concepts, Anyck met with various organizations, including Cylab, CSIA, INCITS, the United Nations/AIT Global and NIST. She also interviewed IT business leaders including Jon Toigo (industry watchdog and consumer advocate), Jean-Pierre Champigny (CIO at the French bank CIC) and Maurice Stebila (EDS GM Security Assurance Programme Director)as well as key data security industry leaders such as Rhonda MacLean (CISO at Barclays Bank), John Stenbit (former CIO at DoD), Andrew Heller (former Kleiner Perkins VC), Carolyn Purcell (former CIO for the State of Texas) and (Special Agent, U.S. Secret Service, Ret. 22 years and now, Chairman IT Security Entrepreneurs' Forum), etc. to discuss current issues and to develop a more advanced approach to ensuring the security, high-availability and resiliency of data. BIA builds on the information she rigorously collected and documented.
Today, BIA is a new approach that ensures the protection, security and availability of data throughout its useful life. This new approach is a key milestone in technology as it offers flexible, cost-effective and purpose-built solutions to the current data security challenges that all organizations confront.
Info Security Products Guide
CONCLUSION - For today’s corporations to remain in-business, for governments to remain efficient and for individuals to reach unprecedented financial and medical benefits, it is critical that IT managers facilitate secure access to corporate information for business decision-makers whenever they need it. Even if the data was stored yesterday on disk or two decades ago on tape, it is critical to be able to locate data in a timely way and to ensure that data under management has high integrity. Getting access to data when needed (today, tomorrow, or in 100 years), as well as securing and protecting data through its entire lifecycle, has become a fundamental requirement for doing businesses.
Whether an organization is a financial institution storing retailers’ consumer credit card information, whether it’s are a high-tech company or pharmaceutical with a heavy investment in intellectual property, or a manufacturer who must never miss a shipment to large clients, it has a clear and present need for a simple, integrated and cost-effective approach that will protect, secure, and deliver fast access to data. Companies and governmental agencies of all sizes can benefit from developing current data security models by implementing the concepts and technologies that comprise Crossroads Systems’ BIA technologies.
Anyck joined Crossroads in 2005 with more than 20 years of experience in the high-tech industry. She currently leads Crossroads’ corporate and product security strategic efforts. As she joined Crossroads, Anyck developed a unique approach to securing data through its entire lifecycle called Business Information Assurance (BIA). This new BIA architectural approach protects data against today’s most problematic information security challenge - insider threat, as well as opens the door to full convergence between security and storage within a unique platform. Previously, Anyck has successfully led Crossroads’ corporate communications, marketing and strategic alliances.
Prior to joining Crossroads, Anyck oversaw the creation of three key strategic departments at Oracle managing global teams focused on product solutions, vertical implementations and on-demand services.
Anyck comes from a strong implementation background whereas she has designed revolutionary technologies, architected and deployed leading data management/access/warehousing solutions and managed highly-secure IT environments for numerous of the world's leading corporations including Nabisco, DoCoMo, General Motors, Cedar-Sinai, Ontario Securities Commission, JP Morgan Chase, Alcan, Thomson Newspaper and Crédit Lyonnais.
11000 North Mopac
Austin, Texas 78759