https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Digital Transformation


Carousel Always On Symposium 2018

Carousel Industries Digs Into Success and Security

  • Written by Lynn Haber
  • November 9, 2018
When it comes to defining success in IT tech deployments, it's never about one thing. Success, like digital transformation, is a journey that's unique to each organization.

CAROUSEL AOTS — Digital transformation is rattling every business. Certain advanced and emerging technologies are shaping up to be critical on this journey. But how do organizations define success?

At this year’s Always On Technology Symposium (AOTS) Thursday in Boston, organized by Carousel Industries, IT pros and partners took a shot at it.

Jason Viera, chief technology officer at Carousel, set the stage for the conference theme “Success” and how businesses think about success in three technology areas that are making companies successful today: artificial intelligence (AI), security and cloud.

Why these three technologies? Because they’re key technologies shaping digital transformation.

“Companies can’t turn a blind eye to these technologies,” Viera said. “If you don’t like change, you’ll like irrelevancy even less.” Viera said.

Jason Viera

While it quickly became clear that there’s no one definition for success, it also became apparent that how success is defined for a given technology is multifaceted and must be viewed from three vantage points: the organization, the team and the individual.

What better way to put into perspective just how difficult it is to define success for a given technology than to home in on security.

In a panel discussion – “Security Success Defined” – moderated by Viera, Jason Albuquerque, CISO at Carousel Industries; Jon Fredrickson, CISO at Blue Cross Blue Shield of Rhode Island; Reg Harnish, CEO of Gray Castle Security; Chris DeCarli, manager, security infrastructure services at FM Global; and Joe Pangborn, chief information officer, U.S. Naval War College, accepted the challenge.

From the get-go, everyone agreed that security is never done.

“With today’s advanced threats you can no longer check boxes and say, ‘Mission accomplished,’” said Viera.

Panelists batted around responses to questions on topics such as: security and compliance; balancing security controls with end user expectations; meeting businesses security requirements versus opting for product capabilities; and defining success in light of a security breach.

Jumping into it, panelists first considered the question: How to differentiate between compliance with true security efficacy in their organizations?

Albuquerque contends that security is the driver of compliance. Compliance is a reporting structure while true security protects the organization.

“[Compliance] has to become a byproduct of security,” he said. Do it in the reverse and you’re not really securing the network or the infrastructure; you’re putting checks in the boxes. “You’re appeasing auditors.”

Panelists shared the view that compliance contradicts security. There are different ways to solve different problems. In security, compliance is one accepted way — and if you’re not doing that, you’re considered to be out of compliance.

DeCarli pointed out that some organizations define meeting regulatory compliance as success.

“When you’re looking at how you define success, you have to understand the people in your organization and what’s driving their security plan,” he said. “If you’re a security professional passionate about security, your target may be different than those who look at compliance and regulatory guidelines.”

For Pangborn, success is accomplishing the mission and accomplishing it securely. His unique environment means complying with DoD and department of Navy regulations, which are geared around tactical and operational systems.

“Trying to implement those security checklists in an education and research environment is very difficult,” he said.

In fact, he pointed out that if he only addressed a compliance checklist, his mission would fail, and education and research couldn’t happen.

“We have to alter those and find a solution that securely implements particular applications and supports the environment,” he said.

What about balancing security controls with end user expectations?

“You have to bake it into your DNA,” said Albuquerque. “Because then the user experience is part of that project and you know it’s secure by design.”

Pangborn talked about a company’s culture, which starts at the top.

“It starts with the board, with the CEO, and gets pushed down,” he said.

Fredrickson said the balancing act is between how the user needs to operate and how secure the organization has to be. He gave the example of a doctor who needs to provide a security code every time she logs into the computer, which is multiple times a day. What about designing the system, so when she logs into the computer in the morning she enters a security code and gets computer access all day long?

“We moved the needle and the doctor got a better user experience,” he said.

A question that rarely gets asked when it comes to cybersecurity is, “Is it worth it?”

“We don’t do a good job in cybersecurity of asking the question, ‘Is it worth it?’” said Harnish. “So, is multifactor authentication worth the end-user inconvenience for risk reduction in the health care system?” he said.

An admittedly surprising answer from a guy that sells cybersecurity services: “Everybody should be thinking about how they do the absolute minimum in cybersecurity to meet what they consider their risk profile,” said Harnish. “Because you can do more but you’ll just introduce inconveniences that aren’t serving the business mission.”

What about meeting the business’ security requirements rather than buying into vendor product capabilities?

Panelists agreed that they need to know what their security requirements are before they talk to vendors who often tell them what they need — or they risk not aligning with the business.

“Don’t call the vendor first,” said Pangborn.

Most buyers start at the wrong end of the process, buying the tools first, rather than making security a business conversation.

“My perspective is that I want a partner,” said Albuquerque. “I want someone that I can trust to do the vetting, to look through the mess of security companies pushing product. The partner will know my business and help me select the right technologies to get me to my business outcome along this journey.”

Finally, panelists addressed the question: How do you quantify success in light of a security breach?

Fredrickson looks at two areas to decide success in a cybersecurity attack: Did I detect it? How quickly did I recover?

“If I was successful, than I detected this thing [before someone else did] and did I do it faster than a previous incident?” he said. “On the business side, it’s about getting back to business as usual.”

DeCarli agrees and goes a bit further.

“It’s also about whether you had a program in place prior that was defensible and justifiable, and it’s a plan that you were following,” he said. “Or, were you throwing security solutions against the wall and had no idea of what your risks were.”

No response plan, however, is comprehensive and successful if you’re not practicing your plan, contended Albuquerque. In fact, you’re doing your business a disservice.

“If you’re not going after that plan so that it becomes muscle memory at some point, if you’re not training or trying different methods of attack and detection [and so on],you’re doing a disservice.”

For Harnish, measuring success in light of a breach is about business resiliency and resuming business operations within an acceptable time frame.

“An organization that can effectively measure things like time to detection, they’re unicorns,” he said. “This is about, how do we introduce resilience to the business such that our mission is protected no matter what’s going on?”

Speaking to the complexity of security, Pangborn adds, “So, time to detect, time to react and protecting the rest of the network from that vulnerability.”

And security doesn’t only fall to the IT team, because it goes beyond being a technical issue.

“You have to think across the business and work with the different teams in the business, such as finance, HR [an so on],” suggested Albuquerque.

At the end of the day, panelists agreed that a safe organization becomes a trusted organization. They also agreed that success is a moving target and it’s unique to each organization.

Tags: Agents Cloud Service Providers MSPs VARs/SIs Cloud Digital Transformation Security Strategy

Most Recent


  • Restructuring
    CEO on Rackspace Restructuring: ‘We’re Excited About … 2 Business Units’
    Kevin Jones gave analysts some insight into upcoming changes at the giant managed service provider.
  • Black Hat logo
    Black Hat USA 2022: DNSFilter, NetWitness, BlackBerry, CrowdStrike, More
    The event marks the 25th Black Hat USA.
  • Marketing Leader Amy Bailey Leaving Telarus, Eyeing New Opportunity
    Telarus hired a chief marketing and experience officer earlier this year.
  • partner portal
    GoTo Promotes Chief Product and Technology Officer to CEO
    He will accelerate innovation and growth in the SMB space, the company said.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Focus
    Cisco Live! Day One: Focus on SASE, Passwordless, Purchasing Models
  • Microsoft Office 365 Business Booming for MSPs
  • Multicloud
    Google Cloud, Cisco Solidify Network Management Team-Up
  • 6, six
    Exclusive Networks Channel Update: 6 Takeaways

Upcoming Events

View all

MSP Summit

September 13, 2022 - September 16, 2022

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Galleries

View all

Black Hat USA 2022: DNSFilter, NetWitness, BlackBerry, CrowdStrike, More

August 10, 2022

Samsung Unpacks Galaxy Z Fold4 Foldable Phone with Multitasking PC Features

August 10, 2022

Images: Telarus Hosts Partner Summit, Gives Partner, Supplier Awards

August 5, 2022

Industry Perspectives

View all

Seize the Application Modernization Opportunity

August 2, 2022

A Growth Mindset: Your Organization’s Strategic Differentiator

August 1, 2022

Timely Tips for Non-Negotiable Patch Updates

July 29, 2022

Webinars

View all

Outsmarting RaaS: Implementation Strategies To Help Your Clients Before, During, and After a Ransomware Attack

August 23, 2022

Why it is Important to Upgrade Aging Servers and How to use Live Optics to Upgrade Efficiently

August 25, 2022

Executives at Home are Not Alright: An Intro to Digital Executive Protection

September 8, 2022

White Papers

View all

Work Goes Remote – (and Other Top ITOps Trends)

May 25, 2022

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

Channel Futures TV

View all

ThreatLocker Preaches Zero Trust, Addresses Industry Competition

ScienceLogic Debuts New Partner Portal

August 9, 2022

Vonage a ‘Single Communications Stack Provider’ for Partners, Customers

June 27, 2022

IBM, Partners and the $1 Trillion Hybrid Cloud Opportunity

June 26, 2022

Twitter

ChannelFutures

Read about @adaptivnetworks's new distribution partner. dlvr.it/SWQFh3 https://t.co/az12SeMU7X

August 10, 2022
ChannelFutures

A succession crisis has been brewing in the channel. Are you thinking about how to develop leaders?… twitter.com/i/web/status/1…

August 10, 2022
ChannelFutures

Looking for clues about the upcoming #Rackspace #restructuring? We have a little insight from yesterday’s earnings… twitter.com/i/web/status/1…

August 10, 2022
ChannelFutures

Ready for more @GoogleCloud in #AsiaPacific? Find out where channel partners will be able to take advantage of new… twitter.com/i/web/status/1…

August 10, 2022
ChannelFutures

[email protected] has been a key figure in both the TSB market and the channel DE&I community. @Telarus… twitter.com/i/web/status/1…

August 10, 2022
ChannelFutures

.@SamsungMobileUS launches new #GalaxyZFold4 and Galaxy ZFlip 4 at #SamsungUnpacked. dlvr.it/SWP38j https://t.co/nY6KLrk1E4

August 10, 2022
ChannelFutures

#BHUSA kicks off with news from @DNSFilter, @NetWitness, @BlackBerry, @CrowdStrike, more. dlvr.it/SWNvrj https://t.co/oDI6vf5CdX

August 10, 2022
ChannelFutures

Get to know @ScienceLogic and its new channel leader ahead of @MSP_Summit. #MSPSummit @Channel_Expo… twitter.com/i/web/status/1…

August 9, 2022

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X